25.0 Security in the Network

The security of data, services, and transfers within networks is and always will be an important issue. This chapter provides information about how to prevent unauthorized access to the system and how to guard against attacks from the outside.

The establishment of a CA (certification authority) makes it possible to encrypt communications throughout the network, using techniques such as a VPN (virtual private network). Other mechanisms, such as masquerading, firewalls, and Kerberos, can be used to control the exchange of data and the general data traffic. The Secure Shell (SSH) allows users to log in to remote hosts by way of an encrypted connection. Apart from these purely technical instructions, this chapter also includes information about the more general security aspects of a Linux network.