Chapter 42. Security Overview

Chapter 42. Security Overview

42.1. Introduction to Security
42.1.1. What is Computer Security?
42.1.2. Security Controls
42.1.3. Conclusion
42.2. Vulnerability Assessment
42.2.1. Thinking Like the Enemy
42.2.2. Defining Assessment and Testing
42.2.3. Evaluating the Tools
42.3. Attackers and Vulnerabilities
42.3.1. A Quick History of Hackers
42.3.2. Threats to Network Security
42.3.3. Threats to Server Security
42.3.4. Threats to Workstation and Home PC Security
42.4. Common Exploits and Attacks
42.5. Security Updates
42.5.1. Updating Packages

Because of the increased reliance on powerful, networked computers to help run businesses and keep track of our personal information, industries have been formed around the practice of network and computer security. Enterprises have solicited the knowledge and skills of security experts to properly audit systems and tailor solutions to fit the operating requirements of the organization. Because most organizations are dynamic in nature, with workers accessing company IT resources locally and remotely, the need for secure computing environments has become more pronounced.

Unfortunately, most organizations (as well as individual users) regard security as an afterthought, a process that is overlooked in favor of increased power, productivity, and budgetary concerns. Proper security implementation is often enacted postmortem — after an unauthorized intrusion has already occurred. Security experts agree that the right measures taken prior to connecting a site to an untrusted network, such as the Internet, is an effective means of thwarting most attempts at intrusion.


Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.