Posted on 10/03/2023 9:05:02 AM PDT by ShadowAce
Bookmark
Not sure how the article can claim that Linux has 96.4% of the webserver share
https://www.wappalyzer.com/technologies/web-servers/
I am not a linux guru, in fact I probably need a linux for dummies book
I could totally setup an IIS webserver with .Net framework cause that is really easy to do
but I can hardly mount a usb drive on linux
“A cybercriminal enters the network through brute force, or any credential abuse method.”
Just like any and all systems. Since 99% of Linux attack vulnerabilities are local and hands on, Local credential access is the main issue. Don’t let anyone near your machine and don’t give anyone credential root access you cannot personally hold accountable. And a very strong password that even their wildest dreams cannot figure out will prevent the 1% chance of brute force attacks from remote sources.
Not the underlying OS.
you cannot run IIS on Linux, and even if you could, why would you?
bookmark
There are whole nations running Linux as their government computer infrastructure.
96.3% of the top 1 million web servers run Linux. And 90% of cloud infrastructure operates on Linux.
SpaceX has used Linux-supported systems to complete 65 missions so far. This includes the famous Falcon 9 missions. Being the primary choice of governmental agencies as well as private companies, Linux users include other high-end space organizations, including NASA and ESA.
https://truelist.co/blog/linux-statistics/
Know what I want? Unlike most who are plain lazy, I want to implement a “timed” requirement for two logins to pass with two different credentials before mine can be rooted. That way even if one is breached there is a second to pass within a time limit or it locks up.
How would I do this?
How would I do this
Not quite the same thing, but "port knocking" can give you additional protection.
Cool! digging around about it, thank you!
Those of us who use Linux regularly have to guard against our tendency to think that with regards to security we’re bullet-proof. No such thing when it comes to any computer connected to the Internet, is there?
Biggest thing to help linux for home use is Steam Deck.
except for those with encrypted disks. That would take me a while longer
The largest threat is social engineering. A well-hardened/secured Linux box is much more secure, technically, than a Windows box.
In fact, I've set up all our new builds here at work so that no user (except one account) can become root--even if they know the root password. They can run a limited subset of commands as root (to enable them to do their jobs), but they cannot become root, and they cannot edit important configuration files as root--though they can edit other files as root.
Well of course there are those like yourself who can do that. But at that point there is no way to keep someone like you out anyhow. But... It would be nice to better harden it from the 99.999% of attempts.
It would be comparable to digging through a thousand keys to unlock the first door. Then having to dig through thousands of different keys to unlock the second inside door. But only having 5 seconds to dig through all those keys to unlock both doors quick enough to keep it from locking up completely requiring a hard power down and reboot.
No one can root it without both “known” door keys already in hand, use them quickly in sequence, or too late you are not getting in at all because the whole thing locks up and you have to start all over again from power up and reboot.
But at it’s face it would look like the first was just a failed attempt because it gives you the login form again. There would be no indicators at all that the first was successful or not. But entering the second password within 5 seconds would then root it. So the secret requirement of two logins would not even be detectable or obvious. You would have to know it was set up this way. Even if they do guess the first login, screwing around trying to guess the second login in 5 seconds would be near impossible. If they even figure out the problem is that it also needs a second.
Digging through PAM stuff now to see if something can be put together. :)
“In fact, I’ve set up all our new builds here at work so that no user (except one account) can become root—even if they know the root password. They can run a limited subset of commands as root (to enable them to do their jobs), but they cannot become root, and they cannot edit important configuration files as root—though they can edit other files as root.”
Yes, I was just reading about creating levels of configuration access.
No, for me most of the above applies to Windows 11, as customized (which few do), thank God, but you knew that. Maybe someday MS will change too many things the wrong way and make the time needed to customize one of the multitudinous flavors of Linux warranted. No need to as of now, but thanks for being out there. Linux
It is no wonder that Linux has captured the lion's share of the IT market
I think the fact that it is free also has something to do with that.
Quite a stat.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.