Product SiteDocumentation Site

Chapter 4. Workstation Security

4.1. Evaluating Workstation Security
4.2. BIOS and Boot Loader Security
4.2.1. BIOS Passwords
4.2.2. Boot Loader Passwords
4.3. Password Security
4.3.1. Creating Strong Passwords
4.3.2. Creating User Passwords Within an Organization
4.4. Administrative Controls
4.4.1. Allowing Root Access
4.4.2. Disallowing Root Access
4.4.3. Limiting Root Access
4.5. Available Network Services
4.5.1. Risks To Services
4.5.2. Identifying and Configuring Services
4.5.3. Insecure Services
4.6. Personal Firewalls
4.7. Security Enhanced Communication Tools
Securing a Linux environment begins with the workstation. Whether locking down a personal machine or securing an enterprise system, sound security policy begins with the individual computer. After all, a computer network is only as secure as its weakest node.

4.1. Evaluating Workstation Security

When evaluating the security of a Red Hat Enterprise Linux workstation, consider the following:
  • BIOS and Boot Loader Security — Can an unauthorized user physically access the machine and boot into single user or rescue mode without a password?
  • Password Security — How secure are the user account passwords on the machine?
  • Administrative Controls — Who has an account on the system and how much administrative control do they have?
  • Available Network Services — What services are listening for requests from the network and should they be running at all?
  • Personal Firewalls — What type of firewall, if any, is necessary?
  • Security Enhanced Communication Tools — Which tools should be used to communicate between workstations and which should be avoided?