Home » Security » +1 8888554872, 1800832424: Does Linux is really secure?

“Linux Servers are free from threats. Aren’t they designed only to be secure?”

“When Linux servers are secure then what is the need to get additional security?”

“What Linux servers can also encounter major threats? It is a joke… right?”

Trust me while reading these statements you nod your head, with your heart saying deep inside that yes it’s true.

This is a myth that Linux servers are less vulnerable and more secure if compared to Windows servers. Though there is some truth in the myth, but still Linux servers and its hosted applications face vulnerabilities as well, and if you ignore this you are heading yourself towards trouble.

Increasing and widespread use

Earlier Linux was considered as a ‘geek’ OS and those days have gone. It is clearly exemplified by Gartner pegging the global OS growth for Linux at 13.5%, Linux occurrence in public cloud environment, if illustrated the face then approximately 90% of AWS EC2 workloads are running on different kind of Linux. With the widespread use for sensitive enterprise applications increasing focus of attacks on Linux Servers. As per the evidence South Korea used a Linux focus server during a recent ransomware attack called Erebus. It impacted the database, websites and files of 3400 businesses.

Secure, yet vulnerable

Numerous servers have cover the enterprise boundary, into the cloud thus it becomes necessary to protect the host-levels from online virus attacks. Cloud computing has helped in managing the data though, but simultaneously has increased the chances of malware attacks.

The host-based Intrusion Prevention System (IPS) helps protecting from the vulnerabilities into the OS and the applications. Apache Struts-2 issue, Heartbleed and Shellshock are some of the examples of wide spread impacts and vulnerabilities in accessing network. On the other hand, don’t think that if Heartbleed is an old vulnerability it will not harm the servers and applications. As per a recent survey conducted by Shodan, globally on more than 1,80,000 servers Heartbleed vulnerability still exists, many of them is in US.

Gartner, “Market Share Analysis: Server Operating Systems, Worldwide, 2016 (image below)

Trend Micro Support

Trend Micro Support

To run a web server on Linux protection against affected vulnerabilities like Nginx, Apache and others is necessary.

Vulnerabilities Covered in and after 2014 (approx.) Before 2014 (approx.) Total
Non-Windows OS and Core Services

80

230

310

Web Servers

114

472

586

Application Servers

255

319

574

Web Console/Management Interfaces

113

453

566

Database Servers

10

218

228

DHCP, FTP, DNS servers

9

82

91

It is very important to not confuse vulnerabilities with threats. While there may be fewer known threats for Linux, if you look at the National Vulnerability Database, there are a similar number of vulnerabilities reported for both Linux, and Windows operating systems.

Confuse the vulnerabilities with threats, though there are less on Linux but if your look at the National Vulnerability Database you will found the same number of vulnerabilities of Linux server as on Windows.

Malware, designed for Linux

Adverse to the belief, various malware hits the Linux platform. If compared to Windows the number is quite high as tens of thousands of errors or malwares affecting the Linux servers and one of them is Erebus ransomware.

It’s inadequate to only deploy the anti-malware to protect the servers. Whereas, datacenters attacks that leads to infringement includes the malware installation as attack chain part. Due to the reason compliance and security frameworks, continue to recommend anti-malware as one of the best practice.

Layered security for Linux workloads

We needs to accept the fact that when it comes to server security there is no silver bullets, neither the businesses are using layered security approach to protect the vulnerable Linux workloads. Apart from IPS and antimalware various other controls are there to help building a robust Linux Strategy.

Application Control: To block the unknown script and process from running it ‘lock down’ Linux host that simultaneously protects the malware attacking into the system.

Integrity Monitoring: It helps in monitoring the system changes whenever a new threat would try to make any change.

Log Inspection: It scans the log files by continuous monitoring the threats thus attacks like command injection, SQL injection, against APIs can be seen in the logs.

Though it’s true that Linux is the more reliable and secure operating system still it does not cure all the security solutions. Alike other OS, Linux also need maintenance, adopt multi-layered security strategy along with manage regular updates to protect the service and applications running on it. Trend Micro Antivirus Support prevents your device from any error. Trend Support or Trend Micro Chat Support is provided by Tech Net Onlines to its clients.

Trend Micro Support is provided by the team of skilled professionals, gaining vast experience in offering excellent Trend Support to its clients. You can reach us through call or Trend Micro Chat Support, by dialing our number or contacting through website. Our Trend Support is a step away from you.