Unit 1 Discussion 1: Securing a Linux System
Learning Objectives and Outcomes
* You will present different views on security related to a Linux system.
* You will be able to identify risks related to the implementation of a Web application in a Linux environment.
A small community bank is studying the prospect of maintaining its own in-house Linux Web server for a Web application. The Web application will allow the bank’s customers to login, view their loan details, and check and save account balances. The company sends you a request for your services as a Linux and open source consultant. You grab the opportunity because you are dissatisfied with your ...view middle of the document...
Discuss and share three top areas of risk providing a suitable rationale for your selection. Participate in this discussion with your classmates by engaging in a meaningful debate regarding risks expected in this project. Summarize your thoughts in a document and submit it to your instructor.
* Format: Microsoft Word
* Font: Arial, Size 12, Double-Space
* Citation Style: Chicago Manual of Style
* Length: 1–2 pages
* Due By:Unit 1 End of Class
* The student has identified at least three areas of risk.
* The student has recognized and identified areas that were not previously considered as a risk.
As the significant prevalence of Linux web servers globally grows, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place. Many risks are possible from a compromise including using the web server into a source of malware, creating a spam-sending relay, a web or TCP proxy, or other malicious activity. The operating system and packages can be fully patched with security updates and the server can still be compromised based purely on a poor security configuration.
Security of web applications first begins with configuring the server itself with strict security in mind. Many will often deploy various layers of security to react in real time to various hacking and threats for HTTP requests. Securing the entire server and any running services with a high level of security in mind is the first fundamental step to avoid the risk of being hacked or compromised.
With the abundance of malware being installed into web...