Welcome to the Red Hat Enterprise Linux Security Guide!
The Red Hat Enterprise Linux Security Guide is designed to assist users of Red Hat Enterprise Linux in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation, and malicious activity. The Red Hat Enterprise Linux Security Guide details the planning and the tools involved in creating a secured computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Red Hat Enterprise Linux can be both fully functional and secured from most common intrusion and exploit methods.
This guide discusses several security-related topics in great detail, including:
Securing Critical Services
Virtual Private Networks
The manual is divided into the following parts:
General Introduction to Security
Configuring Red Hat Enterprise Linux for Security
Assessing Your Security
Intrusions and Incident Response
We would like to thank Thomas Rude for his generous contributions to this manual. He wrote the Vulnerability Assessments and Incident Response chapters. Thanks, "farmerdude."
This manual assumes that you have an advanced knowledge of Red Hat Enterprise Linux. If you are a new user or only have basic to intermediate knowledge of Red Hat Enterprise Linux and need more information on using the system, refer to the following guides which discuss the fundamental aspects of Red Hat Enterprise Linux in greater detail than the Red Hat Enterprise Linux Security Guide:
The Red Hat Enterprise Linux Installation Guide provides information regarding installation.
The Red Hat Enterprise Linux Introduction to System Administration contains introductory information for new Red Hat Enterprise Linux system administrators.
The Red Hat Enterprise Linux System Administration Guide offers detailed information about configuring Red Hat Enterprise Linux to suit your particular needs as a user. This guide includes some services that are discussed (from a security standpoint) in the Red Hat Enterprise Linux Security Guide.
The Red Hat Enterprise Linux Reference Guide provides detailed information suited for more experienced users to refer to when needed, as opposed to step-by-step instructions.
HTML, PDF, and RPM versions of the manuals are available on the Red Hat Enterprise Linux Documentation CD and online at http://www.redhat.com/docs/.
Although this manual reflects the most current information possible, read the Red Hat Enterprise Linux Release Notes for information that may not have been available prior to our documentation being finalized. They can be found on the Red Hat Enterprise Linux CD #1 and online at http://www.redhat.com/docs/.
When you read this manual, certain words are represented in different fonts, typefaces, sizes, and weights. This highlighting is systematic; different words are represented in the same style to indicate their inclusion in a specific category. The types of words that are represented this way include the following:
Linux commands (and other operating system commands, when used) are represented this way. This style should indicate to you that you can type the word or phrase on the command line and press
Use the cat testfile command to view the contents of a file, named testfile, in the current working directory.
File names, directory names, paths, and RPM package names are represented this way. This style should indicate that a particular file or directory exists by that name on your system. Examples:
The .bashrc file in your home directory contains bash shell definitions and aliases for your own use.
The /etc/fstab file contains information about different system devices and file systems.
Install the webalizer RPM if you want to use a Web server log file analysis program.
This style indicates that the program is an end-user application (as opposed to system software). For example:
Use Mozilla to browse the Web.
A key on the keyboard is shown in this style. For example:
A combination of keystrokes is represented in this way. For example:
A title, word, or phrase found on a GUI interface screen or window is shown in this style. Text shown in this style is being used to identify a particular GUI screen or an element on a GUI screen (such as text associated with a checkbox or field). Example:
Select the Require Password checkbox if you would like your screensaver to require a password before stopping.
A word in this style indicates that the word is the top level of a pulldown menu. If you click on the word on the GUI screen, the rest of the menu should appear. For example:
Under File on a GNOME terminal, the New Tab option allows you to open multiple shell prompts in the same window.
If you need to type in a sequence of commands from a GUI menu, they are shown like the following example:
Go to Main Menu Button (on the Panel) => Programming => Emacs to start the Emacs text editor.
This style indicates that the text can be found on a clickable button on a GUI screen. For example:
Click on the Back button to return to the webpage you last viewed.
Text in this style indicates text displayed to a shell prompt such as error messages and responses to commands. For example:
The ls command displays the contents of a directory. For example:
Desktop about.html logs paulwesterberg.png Mail backupfiles mail reports
The output returned in response to the command (in this case, the contents of the directory) is shown in this style.
A prompt, which is a computer's way of signifying that it is ready for you to input something, is shown in this style. Examples:
Text that the user has to type, either on the command line, or into a text box on a GUI screen, is displayed in this style. In the following example, text is displayed in this style:
To boot your system into the text based installation program, you must type in the text command at the boot: prompt.
Text used for examples which is meant to be replaced with data provided by the user is displayed in this style. In the following example, <version-number> is displayed in this style:
The directory for the kernel source is /usr/src/<version-number>/, where <version-number> is the version of the kernel installed on this system.
Additionally, we use several different strategies to draw your attention to certain pieces of information. In order of how critical the information is to your system, these items are marked as note, tip, important, caution, or a warning. For example:
Note: Remember that Linux is case sensitive. In other words, a rose is not a ROSE is not a rOsE.
Tip: The directory /usr/share/doc/ contains additional documentation for packages installed on your system.
Important: If you modify the DHCP configuration file, the changes will not take effect until you restart the DHCP daemon.
Caution: Do not perform routine tasks as root — use a regular user account unless you need to use the root account for system administration tasks.
Warning: Be careful to remove only the necessary Red Hat Enterprise Linux partitions. Removing other partitions could result in data loss or a corrupted system environment.