Security Handbook
Much of the content of the Security Handbook has not been modified since 2010 and may be a bit behind the times. Until further notice, treat the content with caution.
The Security Handbook supplements the Gentoo Handbook and aims to provide valuable guidance on Gentoo Linux security and cybersecurity in general.
As with the Gentoo Handbook, this document is broken up into multiple sections. These are linked individually below and may be followed in order; for convenience, the all-in-one-page Security Handbook may be found here.
This handbook is informed by industry best practice (e.g. the Australian Cyber Security Centre's Information Security Manual (ISM) and other similar documents).
It is important to note that cyber security is not a static field. As such, this handbook will be updated as new information becomes available and users are advised to check back regularly.
Contents
Introduction and theory
- Security concepts
- Important concepts to consider
- General security guidance
- Some general security guidance for those that want a TL;DR
Hardware security
Firmware security
- Firmware security
- Firmware security considerations.
Software security
Local
- Staying up-to-date
- Ensuring the latest security updates.
- Boot Path Security
- Security between the Boot ROM and the Linux Kernel
- Mounting partitions
- /etc/fstab provides many security options.
- Kernel security
- Instructions for securing the kernel.
- Linux security modules
- An overview of mandatory access control options.
- User and group limitations
- Provides detail on controlling users' system resource usage via limits and quotas.
- File permissions
- Securing local files.
- PAM
- Pluggable Authentication Modules.
Remote
- Firewalls and network security
- A guide on packet filtering and network security options in the kernel.
- iptables
- nftables
- Securing services
- Help on ensuring system daemons are secure and controlling access to services.
- Chrooting and virtual servers
- Isolating servers.
Data and information security
- Information Security
- Keeping data secure
Logs and auditing
- Logging
- Choose between (at least) three different system loggers.
- Intrusion detection
- How to discover if intruders have entered a system.
This page is based on a document formerly found on our main website gentoo.org.
The following people contributed to the original document: Kim Nielsen (author), John P. Davis (editor), Eric R. Stockbridge (editor), Carl Anderson (editor), Jorge Paulo (editor), Benny Chuang (editor), Sune Jeppesen (editor), Tiemo Kieft (editor), Zack Gilburd (editor), Dan Margolis (editor), and ) on April 2, 2010.
They are listed here because wiki history does not allow for any external attribution. If you edit the wiki article, please do not add yourself here; your contributions are recorded on each article's associated history page.