SECURITY ISSUES IN RED HAT ENTERPRISE LINUX Dissertation

SECURITY ISSUES IN RED HAT ENTERPRISE LINUX - Dissertation Example The intention of this study is security as a key concern for enterprise Information technology (IT) managers with a regular apprehension to keep the systems properly updated and configured to prevent unwarranted exploitation from outsiders. OpenSCAP implements an open Source of Security Content Automation Protocol (SCAP) framework for creation of uniform approach for maintains secure systems. A lot people are paying a lot attention on security matters particularly in governments to ensure their systems are well guarded and are not exposed to uncalled for bugs and exploits. With OpenSCAP, the open source community is leveraging a number of different components from the security standards ecosystem to enable the framework. In order to avoid all sorts of attacks, this research indicates some security issues of the system and software configurations in the Red Hat Enterprise Linux (RHEL) such as OpenSCAP, Security Audit system and some OpenSCAP tools, which play a vital role in the Linux security domain. Grasping these skills not only can help the administrator defend from the potential security risk making the environment more secure but also can understand the concepts of security deeply promoting the development of computer security. The world of computer security has changed dramatically in the last few years, and one of the greatest challenges now facing CIOs and IT directors is the task of maintaining the security of their IT environments. The effects of a security breach can be catastrophic, including unplanned downtime and the resulting loss of service, a potentially significant financial impact, and the loss of sensitive and confidential information. This problem has been compounded by the proliferation of networked PCs and servers as well as the growing intelligence of malicious software that seeks to exploit and expand throughout the Internet infrastructure. Companies such as Red Hat are releasing new technologies and tools to address the needs of system administrators responsible for managing the security of large numbers of geographically dispersed systems. For example, technologies such as Position Independent Executables (PIE) and Exec Shield help protect against buffer overflows, a tactic frequently employed by attackers to infiltrate and compromise flawed software programs. Another technology, Security Enhanced Linux (SELInux) prevents users and applications from damaging an entire system by enforcing security policies at the kernel level (Farrell, 2003). On the tools front, Red Hat Network, a key part of Red Hat Enterprise Linux, provides system administrators a way to review information about security vulnerabilities and proactively apply relevant security measures and other updates to large numbers of Red Hat Enterprise Linux systems easily and efficiently. With recent technologies, applications can be shielded in environments which do not expose them to: Potential flaws that may be inherent in the application