rvlsoft - Fotolia


Be on the lookout for Linux security vulnerabilities

Some of the most common Linux security vulnerabilities are also Windows vulnerabilities. They're all fairly easy to guard against, but some shops overlook securing any Linux systems that may be on their network.

Linux doesn't dominate the desktop world -- it's a niche operating system -- but is has important use cases in the shops where it's deployed. And those shops still have to worry about the security of their Linux desktops.

Linux certainly has its place in the enterprise. Shops use it to support specific business applications and end-user needs. But it's not a universally used OS, and it sometimes doesn't get the same attention as servers or Windows-based workstations. This treatment of Linux systems ends up creating a gray area for security and often leaves unnecessary gaps that are waiting to be exploited.

Linux needs to be treated and secured as any other system in the enterprise; not securing your Linux desktops is a big misstep, and it can open your network to some of the same common vulnerabilities as unsecured Windows desktops:

Weak passwords are crackable, and cracked passwords can lead to exposure of information within the OS or applications and databases on separate systems. A lack of system monitoring can lead to data leakage, unknown network intrusions and related issues, and without malware protection your network is open to infections; a botnet could be set up on your network, for example. Unnecessary services can lead to exploitation and exposure of sensitive information, for example via anonymous file transfer protocol connections. Without full disk encryption on laptops, there's the possibility of improper storage of sensitive information. Missing patches can lead to denial-of-service attacks, someone obtaining remote control using a tool such as Metasploit, and network snooping via the weak Secure Sockets Layer protocol and encryption ciphers. And open Network File System or Samba shares sometimes allow anyone on the network to access files that they shouldn't otherwise be privy to.

How to find Linux security vulnerabilities

You can get started testing for Linux security vulnerabilities with tools such as NetScanTools Pro (it runs on Windows) or Kali Linux. NetScanTools Pro lets you run port scans, identify specific versions of Linux and running services, and you can perform a slew of other tests such as DNS, email and even packet generation against your Linux systems. Kali Linux has just about every conceivable vulnerability scanner, penetration testing tool and forensic analysis tool you can imagine, and they're all great for uncovering and exploiting Linux-based security flaws.

I also recommend that you test your Linux systems using traditional commercial network vulnerability scanners such as Nexpose and LanGuard. They're easy to use and you'll likely find a lot of weaknesses in a short period of time using them.  Some good, old-fashioned manual analysis of Linux systems -- supported by tools such as Tiger, Linux Security Auditing Tool and Bastille UNIX -- is a great idea as well.

Reviewing the security of your Linux systems shouldn't be a one-time event. Rather, it should be part of your overall security testing program that involves all operating systems, applications and network systems.

Next Steps

Security flaws to look for in Linux-based Web systems

How to improve security in open source Web apps

Common Windows Server security weak spots

Dig Deeper on Alternative operating systems