Security Updates for Red Hat Linux

                As security vulnerabilities are discovered, the affected software must be updated in order to limit any potential security risks. If the software is part of a package within an Red Hat Enterprise Linux distribution that is currently supported, Red Hat, Inc. is committed to releasing updated packages that fix the vulnerability as soon as possible. Often, announcements about a given security exploit are accompanied with a patch (or source code that fixes the problem). This patch is then applied to the Red Hat Enterprise Linux package, tested by the Red Hat quality assurance team, and released as an errata update. However, if an announcement does not include a patch, a Red Hat developer works with the maintainer of the software to fix the problem. Once the problem is fixed, the package is tested and released as an errata update.

Attackers and Vulnerabilities

                To plan and implement a good security strategy, first be aware of some of the issues which determined, motivated attackers exploit to compromise systems. But before detailing these issues, the terminology used when identifying an attacker must be defined.

Red Hat Security Overview

                Because of the increased reliance on powerful, networked computers to help run businesses and keep track of our personal information, industries have been formed around the practice of network and computer security. Enterprises have solicited the knowledge and skills of security experts to properly audit systems and tailor solutions to fit the operating requirements of the organization. Because most organizations are dynamic in nature, with workers accessing company IT resources locally and remotely, the need for secure computing environments has become more pronounced.

Creating a new system local user account

The three most common methods of defining a Linux user and authenticating their logins are:

1. Local user authenticated locally with the password files /etc/passwd and /etc/shadow
2. Network authentication using an LDAP authentication server
3. NIS authentication server. To specify an NIS authentication server, use /etc/ypconf which contains the line: ypserver ip.address.of.server. Find with ypwhich

Memory Usage

           Linux Commands to Monitor Memory Usage