Thu 1 Feb 2007
Security Awareness security newsletter, and find links to other, security-related, resources.

Computer Emergency Response Team (CERT)

The CERT Coordination Center is run by the Software Engineering Institute of Carnegie Mellon University. Their Web site, http://www.cert.org/, provides a wealth of up-to-date information about security problems. You can also subscribe to a mailing list so that you receive security alerts by e-mail.

Bugtraq

Bugtraq is a mailing list for the detailed discussion of computer security issues. You can access the Bugtraq archives at http://www.securityfocus.com/, and find several mailing lists to which you can subscribe. Click on the Mailing Lists button on the toolbar, and then click on info against the mailing list of interest. A popup window will appear which includes instructions on how to subscribe. Mailing lists you might want to check out include bugtraq, focus-linux, and linux-secnews.

Logging out

It is vital that whenever we leave a computer system that we logged in to (such as our Red Hat Linux server, or our online banking Web site), we log out again. If we do not, there is a risk that someone else can come along and take over our connection, accessing the system as ourselves without having to go to the trouble of cracking passwords or intercepting network traffic.

Checking site certificates, signatures, checksums, and so on

With increasing awareness of security issues, more and more online resources (Web sites, RPM downloads, etc.) are authenticated in some way. When we access these resources, we may have an opportunity to verify their authenticity. This may be a pop-up window from our Web browser, or a checksum for an RPM. Whatever mechanism exists, we should always use it to check that the Web page we are accessing, or the RPM package we are about to install, is the genuine article, and has not been tampered with by anyone else.
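The checksum check described above, as an added example that is not part of the original text. It compares a downloaded file against a published SHA-256 list and refuses the file when the list has no entry for it. The function name, the file names, and the list layout (one "digest  filename" pair per line, as sha256sum writes it) are assumptions for illustration.

```shell
#!/bin/sh
# Added example: verify a download against a published checksum list.
# Assumes the list uses sha256sum's "<hex digest>  <file name>" layout
# and that file names contain no whitespace.

# verify_download FILE CHECKSUM_LIST
# Exit status: 0 match, 1 mismatch, 2 missing input, 3 file not listed.
verify_download() {
    file=$1
    list=$2
    name=$(basename "$file")

    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    [ -f "$list" ] || { echo "missing checksum list: $list" >&2; return 2; }

    # Look up the expected digest by exact file name.
    # A leading '*' on the name marks binary mode and is ignored.
    expected=$(awk -v n="$name" \
        '{ f = $2; sub(/^\*/, "", f); if (f == n) { print tolower($1); exit } }' "$list")
    if [ -z "$expected" ]; then
        # Fail closed: an unlisted file is never treated as verified.
        echo "no entry for $name in $list" >&2
        return 3
    fi

    actual=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name matches the published checksum"
        return 0
    fi
    echo "MISMATCH: $name expected $expected, got $actual" >&2
    return 1
}

# Constructed demonstration: an untouched file passes, a modified one fails.
demo() {
    dir=$(mktemp -d) || return 2
    printf 'constructed package contents\n' > "$dir/example-1.0.rpm"
    (cd "$dir" && sha256sum example-1.0.rpm > SHA256SUMS)
    verify_download "$dir/example-1.0.rpm" "$dir/SHA256SUMS" && ok=0 || ok=$?
    printf 'tampered\n' >> "$dir/example-1.0.rpm"
    verify_download "$dir/example-1.0.rpm" "$dir/SHA256SUMS" 2>/dev/null && bad=0 || bad=$?
    rm -rf "$dir"
    echo "untouched=$ok tampered=$bad"
}
demo
```

A checksum only shows the file matches the list, so the list itself should come from a source we trust, such as the publisher's HTTPS site or a signed file. For RPM packages, rpm -K (the same as rpm --checksig) checks the digests and signature carried inside the package.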
Where to find out more

The Official Red Hat Linux Security Guide can be downloaded from https://www.redhat.com/docs/manuals/linux/. This is a good read for people who need a deeper understanding of security issues surrounding their Red Hat Linux systems. There are also lots of good Linux HOWTOs that cover security-related topics. Check out the Security-HOWTO and Firewall-HOWTO, for starters.

Summary

Security is largely a matter of common sense. Different people value different things, so there is no one security configuration that will be exactly suited to everyone. However, Red Hat Linux does a pretty good job “out of the box”, so most security work will be in fine tuning your setup to meet particular requirements, rather than urgent actions required to fix glaring security holes.