Sunday, December 12, 2010

[System Security] Building a Linux Castle of Steel with LIDS (1)

As Linux operating systems continue to gain ground, and as the economic crisis makes it necessary to reduce the total cost of ownership of IT, more and more small and medium-sized enterprises (SMEs) are migrating their important services to Linux.

With the strong security and lower cost of Linux, the enterprise services that these SMEs run on Linux systems give them more room to grow and make them more competitive. However, in the current network environment, as hacking techniques keep improving and the number of hackers keeps growing, network attacks are becoming more and more frequent. The security of Linux systems is being tested over and over again, and more and more Linux security flaws are emerging. For SMEs that use Linux, protecting the data on their servers is an urgent matter.

Many SMEs therefore use a network firewall to block most network attacks. However, once an attack gets through the firewall, the important data on the system is at risk of falling under the attacker's complete control. For this reason, it is necessary to deploy a host-based intrusion detection system on the Linux system.

LIDS is an intrusion detection system implemented as a Linux kernel patch. Its full name is Linux Intrusion Detection System. It is integrated into the Linux kernel to further strengthen the kernel's security: it provides the Linux kernel with a security model and mandatory access control, and it can also serve as a fallback behind the firewall. It protects important directories and files on a Linux system from being copied or deleted, keeps important services from being deleted or stopped, prevents the system logon settings from being modified, and so on. In this article, we will learn together how to use LIDS on a Linux system.

I. Main features of LIDS

We use LIDS mainly for the following key features:

1. Protection: LIDS can protect any type of file on the hard disk (such as the passwd and shadow files) and any directory (for example /bin, /sbin, /etc/rc.d, /usr/bin, /usr/sbin) against access and use by unauthorized users (including root) and unauthorized programs. LIDS also protects important processes on the system from being terminated: with this feature enabled, no user on the system, including root, can kill the process, and specific processes can also be hidden. In addition, LIDS prevents unauthorized programs from performing raw I/O on the hard disk, which protects the disk, including its master boot record (MBR).

2. Detection: through a port scanner integrated into the kernel, LIDS can detect the ports on which the system is listening and report what it detects to the system administrator. LIDS can also detect any violation of the rules on the system.

3. Response: when LIDS detects a violation of the configured security rules, it displays a warning on the console and records the details of the violation in a log file that is itself protected by LIDS. LIDS can also send the log to an administrator e-mail address that we configure, and it can immediately shut down the offending user's current session.
