Beyond the proper installation and configuration of your Red Hat Linux system, it is critical that you secure the system to an acceptable level of risk given its role, importance, and expected use. Security is an incredibly complex subject that constantly involves emerging problems, as well as potential ones.
Due to its amorphous and intricate nature, many system administrators and users make the mistake of tackling small, isolated problems while letting much larger and dangerous issues slip by. True system security goes far beyond the installation of the latest update, the configuration of a certain file, or the careful administration of user access to system resources. It is a way of looking at the various threats to your system and the lengths you will go to prevent them.
No system is completely secure unless it is turned off (and even then, it is susceptible to being stolen). Any time the system is on, it is susceptible to attack, ranging from a harmless prank to a hardware-destroying virus to data being erased. But all is not lost. With the proper outlook, as well as some good tools, you can enjoy many years without experiencing a single security problem. The following sections are designed to outline a way to approach system security and potential threats, a context within which to consider various security tools, costs, and benefits when running Red Hat Linux.
All users of any operating system face a common dilemma when constructing a security paradigm for their system. On one hand, they seek to avoid making the system so secure that nothing will run on it properly. But on the other hand, they also try to avoid making the system so insecure that anyone can (and will) do anything on it they they wish to, including deleting the work of others or much worse scenarios.
There is no one right way to solve this dilemma. Some systems, either by the nature of their purpose or the importance of the data they protect, fall on one side of the dilemma while other systems, whether because of the wide variety of users utilizing them or the fact that they are test machines, fall on the other side.
The most important thing you can do when configuring the security of your system is to determine where on the security dilemma spectrum your particular system lies. This may be done for you by company policy. Or, you may be a researcher with a system that you never connect to public networks, and no one other than you has physical access to the machine. Or, you may be a home user that is connected to a broadband connection and (rightfully) concerned about ways malicious users a world away could damage your data.
Regardless which of the countless possible scenarios you may fit in, you bear the responsibility to determine your proper exposure to risk versus the goals your system must accomplish. Then, once you make this determination, use this knowledge as a guide of how to set up and maintain security guidelines on your system.