Enterprise Linux Tips (SearchEnterpriseLinux.com): Security
Five common Linux security vulnerabilities you may be overlooking


Kevin Beaver, CISSP

I am frequently asked about the typical vulnerabilities I find in Linux when performing security assessments. Interestingly, and contrary to popular belief, the Linux systems I come across tend to be just as vulnerable as their Windows counterparts. The weaknesses I find are not necessarily the fault of the operating system (OS) but are due to oversights by Linux administrators: specifically, oversights related to default installations, lack of maintenance, and not testing systems rigorously enough with the right tools to discover weaknesses.

In no particular order, here are the most common Linux vulnerabilities I see – the very things that may be contributing to your organization's business risks:

  1. General lack of patch management for the OS: Every organization seems to have a patching system and methodology for Windows, but Linux tends to be overlooked. For example, I recently came across a Red Hat system missing the Red Hat 2003:138-08 patch for Samba. That patch fixes a remote code execution vulnerability that is exploitable with the free Metasploit Framework; the outcome is a remote shell with full access to the system, which an attacker can obtain without anyone ever knowing about it. The IT administrators were proud of their patch management tools and procedures. They had simply left Linux out of them.
  2. Outdated third-party applications: Another avenue for exploiting Linux is outdated software such as Apache, PHP, MySQL, OpenSSL, and VNC. As with missing OS patches, outdated applications create a large attack surface that leads to exploitation and unauthorized system access (e.g., systems still accepting SSH protocol version 1 with its weak encryption ciphers). A malicious internal user or an outside third party can gain unauthorized entry, especially when the service is reached over an unsecured communications channel such as a wireless network.

  3. Lack of password enforcement: As with patches, admins tend to be lax on the Linux side when it comes to enforcing strong passwords. I'm unclear on the reason, since the enforcement mechanisms (password aging in /etc/login.defs, PAM password-quality modules) are built in. User names are easily gleaned and, ultimately, passwords get cracked.
  4. General lack of system hardening: Be it SNMP running with default community strings, anonymous FTP giving everyone access to sensitive files, telnet sessions open to interception (especially over poorly secured wireless networks), or unprotected Samba shares that allow user account enumeration: name the service and it's almost always reachable by anyone and everyone. As a result, people who have no need for system configuration information now have it, giving them a leg up in penetrating the system further.
  5. Lack of backups: The final predictable security weakness with Linux is related to data backups: they're just not being done. I think part of the problem is that certain Linux-based systems are thought of as non-critical. Web servers, syslog servers, and FTP servers aren't minor systems if you ask me. I sometimes see admins who have a basic file-copy backup of their Linux systems but not of the entire OS installation; then, in the wake of a disaster or drive failure, they face a long, if not indefinite, recovery.

In many cases, these vulnerabilities trace back to Windows-focused admins who do not know how to manage Linux systems. In other cases, I've seen savvy Linux-focused admins held back by a general lack of management buy-in for security and of policy enforcement. Whatever the underlying cause, it needs to be addressed: make it a priority to test your Linux-based systems for vulnerabilities on a periodic, consistent basis, paying special attention to the weaknesses listed here. You never know when they're going to be exploited.
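As an added example that is not part of the original tip, the following POSIX sh script checks a host for the weaknesses above: SSH-1 and deprecated ciphers, password aging and length, default SNMP community strings, anonymous FTP, telnet in inetd.conf, guest-accessible Samba shares, stale backups, and pending OS updates. The function names, the /etc-like directory layout that run_audits expects, and the deliberately weak sample configs it constructs at the bottom are all the example's own assumptions, not anything from the article or from a vendor tool.

```shell
#!/bin/sh
# Added example (not from the article): audit a host for the five oversights.
# Function names, the /etc-like layout run_audits expects, and the sample
# configs at the bottom are this example's own. Each audit_* function prints
# one FAIL line per finding and returns 1 if it found any.

# Skip a check when the host does not have the file (service not installed).
present() { [ -r "$1" ] || { echo "SKIP $1: not present"; return 1; }; }

# flag FILE REGEX MESSAGE: FAIL and return 1 if the case-insensitive ERE matches.
flag() {
    if grep -Eiq "$2" "$1"; then echo "FAIL $1: $3"; return 1; fi
    return 0
}

# Weakness 2 (outdated services): SSH-1 or deprecated ciphers in sshd_config.
audit_sshd() {
    present "$1" || return 0
    rc=0
    flag "$1" '^[[:space:]]*Protocol[[:space:]]+(2,)?1(,|[[:space:]]|$)' 'SSH protocol 1 enabled' || rc=1
    flag "$1" '^[[:space:]]*Ciphers[[:space:]]+.*(arcfour|3des)' 'weak cipher (arcfour/3des) offered' || rc=1
    return $rc
}

# Weakness 3 (password enforcement): aging and length in login.defs. On PAM
# systems PASS_MIN_LEN is ignored and pam_pwquality/pam_cracklib minlen
# governs instead, so check that configuration as well on a live host.
audit_login_defs() {
    present "$1" || return 0
    rc=0
    max=$(awk '$1=="PASS_MAX_DAYS"{v=$2} END{print v}' "$1")
    min=$(awk '$1=="PASS_MIN_LEN"{v=$2} END{print v}' "$1")
    if [ -z "$max" ] || [ "$max" -gt 90 ]; then echo "FAIL $1: PASS_MAX_DAYS is ${max:-unset}, want <= 90"; rc=1; fi
    if [ -z "$min" ] || [ "$min" -lt 8 ]; then echo "FAIL $1: PASS_MIN_LEN is ${min:-unset}, want >= 8"; rc=1; fi
    return $rc
}

# Weakness 4 (hardening): default SNMP communities, anonymous FTP, telnet in
# inetd.conf, and Samba shares open to guests (Samba parameter names are
# case- and whitespace-insensitive, hence the loose pattern).
audit_snmpd() {
    present "$1" || return 0
    flag "$1" '^[[:space:]]*(rocommunity|rwcommunity|com2sec)[[:space:]]+(.*[[:space:]]+)?(public|private)([[:space:]]|$)' 'default SNMP community string'
}
audit_vsftpd() {
    present "$1" || return 0
    flag "$1" '^[[:space:]]*anonymous_enable[[:space:]]*=[[:space:]]*yes' 'anonymous FTP enabled'
}
audit_inetd() {
    present "$1" || return 0
    flag "$1" '^[[:space:]]*telnet[[:space:]]' 'telnet enabled (cleartext logins)'
}
audit_smb() {
    present "$1" || return 0
    flag "$1" '^[[:space:]]*(guest[[:space:]]*ok|public)[[:space:]]*=[[:space:]]*yes' 'share allows guest access'
}

# Weakness 5 (backups): nothing written under DIR within the last DAYS days.
audit_backups() {
    if [ -d "$1" ] && find "$1" -type f -mtime -"$2" | grep -q .; then return 0; fi
    echo "FAIL $1: no backup newer than $2 days"; return 1
}

# Weakness 1 (patching): ask the package manager for pending updates. Only
# meaningful on a live host, so the sample run below does not call it.
audit_patches() {
    if command -v yum >/dev/null 2>&1; then
        yum -q check-update >/dev/null 2>&1 || [ $? -ne 100 ] || { echo "FAIL: yum reports pending updates"; return 1; }
    elif command -v apt-get >/dev/null 2>&1; then
        ! apt-get -s upgrade 2>/dev/null | grep -q '^Inst ' || { echo "FAIL: apt reports pending updates"; return 1; }
    else
        echo "SKIP patches: no yum or apt-get found"
    fi
    return 0
}

# Run every file-based audit against a directory laid out like /etc and
# return the number of failing checks (0 means clean).
run_audits() {
    n=0
    audit_sshd "$1/sshd_config"      || n=$((n+1))
    audit_login_defs "$1/login.defs" || n=$((n+1))
    audit_snmpd "$1/snmpd.conf"      || n=$((n+1))
    audit_vsftpd "$1/vsftpd.conf"    || n=$((n+1))
    audit_inetd "$1/inetd.conf"      || n=$((n+1))
    audit_smb "$1/smb.conf"          || n=$((n+1))
    audit_backups "$1/backups" 7     || n=$((n+1))
    return $n
}

# Constructed sample (not a real host) that exhibits every weakness at once.
SAMPLE_DIR=$(mktemp -d); trap 'rm -rf "$SAMPLE_DIR"' EXIT
printf 'Protocol 2,1\nCiphers aes128-cbc,3des-cbc,arcfour\n' >"$SAMPLE_DIR/sshd_config"
printf 'PASS_MAX_DAYS 99999\nPASS_MIN_LEN 5\n' >"$SAMPLE_DIR/login.defs"
printf 'rocommunity public\ncom2sec notConfigUser default private\n' >"$SAMPLE_DIR/snmpd.conf"
printf 'anonymous_enable=YES\n' >"$SAMPLE_DIR/vsftpd.conf"
printf '#ftp stream tcp nowait root /usr/sbin/in.ftpd\ntelnet stream tcp nowait root /usr/sbin/in.telnetd\n' >"$SAMPLE_DIR/inetd.conf"
printf '[share]\n  path = /srv/share\n  Guest OK = yes\n' >"$SAMPLE_DIR/smb.conf"
mkdir "$SAMPLE_DIR/backups"; touch -t 200301010000 "$SAMPLE_DIR/backups/full.tar"  # stale
run_audits "$SAMPLE_DIR" || echo "$? of 7 checks failed on the sample"
```

On a real host, point the functions at the live files (audit_sshd /etc/ssh/sshd_config, audit_snmpd /etc/snmp/snmpd.conf, audit_backups /var/backups 7, audit_patches) and treat each FAIL line as a finding to fix. The script only inspects configuration; it does not replace a network scan of what is actually listening, which is the check the article's "right tools" remark is about.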

Editor's note: The follow-up tip to this one takes a look at real-world exploits of Linux security vulnerabilities.

ABOUT THE AUTHOR: Kevin Beaver is an information security consultant, keynote speaker, and expert witness with Atlanta-based Principle Logic, LLC. He specializes in performing independent security assessments. Kevin has authored/co-authored seven books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies. He's also the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. Kevin can be reached at kbeaver /at/ principlelogic.com.

Copyright 2003 - 2010, TechTarget