Mr. Seifried discusses various topics such as how users can secure their systems, what the biggest Linux security issues are today, and more. Here are a few questions from the interview:
Lc: Do you have any favorite Linux security tools?
KS: SELinux for host security (fine grained control, but a monster to configure!). Nmap for verifying that my firewall rules are correct. Emacs for editing files to configure my system securely. There is literally no one tool that is my favorite, but indeed hundreds.
Lc: What’s the one most important thing that your average Linux admin can do to increase security?
KS: I guess that would be run the automatic updater your distribution comes with. If nothing else, this will minimize the number of gaping-wide holes in your system. Security is a holistic practice, you are only as strong as your weakest link, an attacker only needs to find one mistake to exploit a system.
Lc: What are the big issues in Linux security today?
KS: Code quality continues to be abysmal. Known security issues like buffer overflow, and even simple file creation issues continue to plague us. It’s downright embarrassing when 20-year-old programming errors continue to occur.
Go here for the rest of the interview..