Chapter 4. Workstation Security

Securing a Linux environment begins with the workstation. Whether locking down a personal machine or securing an enterprise system, sound security policy begins with the individual computer. After all, a computer network is only as secure as its weakest node.

4.1. Evaluating Workstation Security

When evaluating the security of a Red Hat Enterprise Linux workstation, consider the following:
  • BIOS and Boot Loader Security — Can an unauthorized user physically access the machine and boot into single user or rescue mode without a password?
  • Password Security — How secure are the user account passwords on the machine?
  • Administrative Controls — Who has an account on the system and how much administrative control do they have?
  • Available Network Services — What services are listening for requests from the network and should they be running at all?
  • Personal Firewalls — What type of firewall, if any, is necessary?
  • Security Enhanced Communication Tools — Which tools should be used to communicate between workstations and which should be avoided?