IBM study tests Linux security

The need for security in today's networked world is overwhelming. With e-commerce, e-mail, information distribution and all the benefits of the explosive growth of the Internet, come destructive attacks, identity thefts, access violations, and worms that propagate across networks to infect thousands to millions of computers.

Consider the string of denial of services attacks that struck high profile Web sites such as eBay and amazon.com at the beginning of 2000. They can happen anywhere.

However, there are processes to apply and products to use to help manage vulnerabilities and threats to businesses. The continual process of prevention, detection and reaction can successfully thwart many attacks; iterative testing and updating ensure the latest security fixes are applied; and integrated security products provide the depth that can help prevent different kinds of attacks without compromising too much usability.

Linux is now available on increasingly more platforms and the use of Linux has grown to hosting services and enterprise applications - now there are editions from different vendors developed for that purpose, that come with capabilities that match or surpass those of proprietary operating systems. With the on demand initiative and growing emphasis on using Linux for business, securing a Linux environment becomes extremely crucial.

The good news is with the open source solutions driven by the growing popularity of Linux, there are increasingly more reliable open source security products designed to protect the Linux environment. Open source security products range from firewalls, to intrusion detection systems, to e-mail encryption and communication protocols.

To take advantage of these open source security products, a study was conducted over a period of three months at the IBM Linux Test Integration Center. The goal for the security study was to deploy and compare various open source security tools that were available for free in the industry, and provide solution recommendations based on experiences during the study.

The study involved the installation, usage, and testing of entirely open source security tools on an already established Linux middleware test environment.

The LTIC team broke the security process down into three phases, with experimentation, iterative testing and protection done for each phase. As a result, piecemeal open source security tools were combined to form an end-to-end security solution that addressed key areas of a common security policy.

Linux generally performed very well in these tests but for a full analysis of the results readers are directed to read the full White Paper on the IBM website following the address below. However, the important point to note is that Linux security is undergoing the most vigorous scrutiny and not failing in any significant way.