Lately with Fysbis (1), glibc (2), and other Linux issues, we have been advocating more now than ever for organizations to use bastion hosts.
Bastion hosts are easier to patch than production servers, and they allow a Linux shop to insulate known Linux hosts / guests from the outside world.
Linux is on the map with malware, so leverage ClamAV, etc. as well as a defense-in-depth security architecture.
1. http://www.infosecurity-magazine.com/news/glibc-flaw-affects-linux-machines/
2. http://www.pcworld.com/article/3033229/security/russian-cyberspy-group-uses-simple-yet-effective-linux-trojan.html
No comments:
Post a Comment