Security Articles

Linux multi-user Linux security - insider resource attacks

Published: Thursday, 27 May 2010 16:25

It is commonly assumed that the largest threats to computer systems come from 'the outside' and can be prevented by decent anti-virus and firewalls. Attacks from the inside (usually legitimate users, or compromised accounts) are often overlooked, which could be devastating in large multi-user environments. The resource issues outlined in this article may be exploited both deliberately or through bugy software, but prevention can be simple.

Linux multi-user security - Attack prevention with ulimit

Published: Thursday, 30 May 2010 16:32

In the lastarticle [ Multi-user Linux security - insider resource attacks ] I discussed several methods an attacker with user-level access to a multi-user Linux environment could use to cause harm through forms of Denial of Service (Dos). Everything I mentioned had the theme of resource wastage. To combat this issue, it is necessary for the administrator to restrict users to reasonable parameters that, if done correctly, the average user will not notice.