
Challenging Common Notions of Linux Security

Posted by Grant Chapman on Mar 15, 2018 12:00:00 PM

Top 3 Reasons Users Love Linux

1.  A Powerful, Cost-Effective Option: Linux is a powerful alternative for enterprises looking to reduce operational expense and facilitate innovation within their organizations. It provides copious benefits to its users including a wide range of free and paid distributions, increased customization and increased stability.

2.  Critical Security Features: One of the most frequently touted features is Linux’s intrinsic security compared to other operating systems. Linux advocates defend this rationale by citing a few factors. As open source software (OSS), it has an ever-growing community that’s continually providing bug fixes and inspecting kernels for backdoor

3.  Lower Threat Risks: Because Linux isn’t a commonly used OS on hardware like desktops, the rate of development and prevalence of Linux threats isn’t as great as threats on other more mainstream platforms.

Linux Security Isn’t Flawless

Due to the recent slew of malware and other security threats designed to target Linux, cybersecurity companies and Linux developers have begun to argue that Linux is not without its own security risks. Per WatchGuard Technologies’ Q1 2017 Internet Security Report, the cybersecurity battleground is shifting to Linux and web servers, with Linux malware making up at least 36 percent of the top malware detected that quarter. In the same year, Trend Micro also identified a number of high-profile threats targeting Linux such as Rex, Mirai, LuaBot and FAIRWARE 2. Both Rex and FAIRWARE are ransomware variants that target Linux-based servers running websites. Mirai and LuaBot are Trojans that infect systems and turn them into bots, which can be used in large-scale Distributed Denial of Service (DDoS) attacks. In October 2016, hackers used Mirai to bring down DNS provider Dyn in one of the worst DDoS attacks in recent years, resulting in the inaccessibility of websites such as GitHub, Twitter, Netflix and Airbnb for hours.

The Linux community recognizes the rise in Linux threats and has developed numerous distributions and features to strengthen the security of Linux systems. For example, Parrot Linux, a Debian-based distribution, is developed for digital forensic experts and focuses on security. The creators have enhanced their kernel with anonymity tools, cryptography tools and a sandboxed system to browse the internet. Sandboxing or jailing creates a safe environment to execute programs. Another popular security distribution is the Edward Snowden-sponsored Qubes OS, which enhances security by compartmentalizing the various parts of your digital life into securely isolated compartments called qubes. Using a combination of VMs and sandboxing, qubes are isolated from each other so that if an attacker compromises one qube it cannot affect the other qubes. It even places common attack vectors like network cards and USB controllers in their own hardware qubes, thus further reinforcing security through compartmentalization.

Enhancing Linux Security With SELinux

Originally released by the National Security Agency in 2000, SELinux was developed to provide an enhanced way to enforce the separation of information based on confidentiality and integrity requirements. SELinux introduces mandatory access controls to the Linux kernel and allows administrators to pre-define and label policies that control the specific actions a user can take within a system. Essentially, it labels every executed process or user action with a username, role and domain.

The system automatically checks the intended action against a preset list of policies pertaining to the user or process and determines whether it is authorized. If the action is deemed unauthorized, or outside the scope of the defined policies for a user, it is denied. Additionally, the labeling of users and roles by SELinux is separate from the actual system users and roles. This provides a layer between the processes and users defined in the policies and “root” access or blanket administrative privileges within the Linux kernel.
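When SELinux refuses an action, it records an AVC denial in the audit log that carries the labels of both the acting process and the object it tried to reach. The following is an added example, not part of the original post: it parses constructed audit.log lines, splits each label into its user, role, type (domain) and optional level, and counts the denials that were actually enforced per domain. The sample records and all function names are assumptions made for illustration.

```python
import re
from collections import Counter
from typing import NamedTuple, Optional

# Constructed sample records in the audit.log AVC format (not taken from the page).
SAMPLE_LOG = """\
type=AVC msg=audit(1520000000.101:201): avc:  denied  { read } for  pid=1410 comm="httpd" name="shadow" dev="dm-0" ino=1201 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
type=AVC msg=audit(1520000001.202:202): avc:  denied  { read open } for  pid=1410 comm="httpd" path="/home/alice/notes.txt" dev="dm-0" ino=1302 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1520000002.303:203): avc:  denied  { name_connect } for  pid=1522 comm="sshd" dest=8443 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=1
type=SYSCALL msg=audit(1520000002.303:203): arch=c000003e syscall=42 success=yes exit=0 comm="sshd"
"""

class Context(NamedTuple):
    user: str              # SELinux user, distinct from the Linux login name
    role: str
    type: str              # called the "domain" when the label is on a process
    level: Optional[str]   # MLS/MCS range; may itself contain colons

def parse_context(label):
    # Split on the first three colons only, so a range like s0-s0:c0.c1023 stays whole.
    parts = label.split(":", 3)
    if len(parts) < 3:
        raise ValueError("not an SELinux context: %r" % label)
    return Context(parts[0], parts[1], parts[2], parts[3] if len(parts) == 4 else None)

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    m = AVC_RE.search(line)
    if not line.startswith("type=AVC") or not m:
        return None        # SYSCALL, PATH and other record types are skipped
    f = {k: v.strip('"') for k, v in FIELD_RE.findall(m["fields"])}
    return {
        "perms": tuple(m["perms"].split()),
        "comm": f.get("comm"),
        "source": parse_context(f["scontext"]),
        "target": parse_context(f["tcontext"]),
        "tclass": f["tclass"],
        "enforced": f.get("permissive", "0") == "0",
    }

def blocked_by_domain(log):
    # permissive=1 records were logged but not blocked, so they are not counted.
    counts = Counter()
    for line in log.splitlines():
        rec = parse_avc(line)
        if rec and rec["enforced"]:
            counts[(rec["source"].type, rec["target"].type, rec["tclass"])] += 1
    return counts
```
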

Due to its success and utility, a majority of common commercial and free Linux distributions have adopted SELinux. It’s available for use with CentOS, Android, Debian and Ubuntu, to name a few. Furthermore, Red Hat, the commercial open source Linux leader, has also adopted SELinux, utilizing it in every major release of Red Hat Enterprise Linux since version 4.0. Red Hat also provides enterprise-level support for its features.

Rely on Tech Data for Best-In-Class Linux Security Solutions

As enterprise-level Linux adoption increases, so will Linux-based security threats. Despite the significant advancements in Linux security enhancements and distributions, the Linux community has asked for further developments and improvements. Tech Data answered that call. We’ve worked to become a leading provider of Linux security solutions in the global channel. We’re dedicated to helping you keep your customers ahead of the security curve. We offer a comprehensive range of prominent, best-in-class endpoint security solutions for Linux systems.

For additional information on securing Linux, please contact the Tech Data Security and Information Management team today at securityservices@techdata.com or 800-237-8931, ext. 73246.

Tags: Security, OSS, Opensource Software, Linux