Specifications
C
Network Security
users in an existing SSH connection. The SMTP and POP3 host must be set
to localhost for this.
Additional information can be found in the manual pages for each of the
programs described above and also in the files under /usr/share/doc/
packages/openssh.
Security and Confidentiality
Basic Considerations
One of the main characteristics of a Linux or UNIX system is its ability to
handle several users at the same time (multiuser) and to allow these users to
perform several tasks (multitasking) on the same computer simultaneously.
Moreover, the operating system is network transparent. The users often do
not know whether the data or applications they are using is provided locally
from their machine or made available over the network.
With the multiuser capability the respective data of different users must be
stored separately. Security and privacy need to be guaranteed. “Data secu-
rity” was already an important issue, even before computers could be linked
through networks. Just like today, the most important concern was the ability
to keep data available in spite of a lost or otherwise damaged data medium,
a hard disk in most cases.
This chapter is primarily focused on confidentiality issues and on ways to
protect the privacy of users, but it cannot be stressed enough that a compre-
hensive security concept should always include procedures to have a regu-
larly updated, workable, and tested backup in place. Without this, you could
have a very hard time getting your data back — not only in the case of some
hardware defect, but also if the suspicion arises that someone has gained
unauthorized access and tampered with files.
Local Security and Network Security
There are several ways of accessing data:
personal communication with people who have the desired information
or access to the data on a computer
directly from the console of a computer (physical access)
over a serial line
195SuSE Linux – Firewall on CD2