Linux Security Tip-Of-The-Day: Never Assume Security

58

When attempting to lock down a system you should never assume that your current security configuration is sufficient. Utilizing obscure software or hiding specific files/actions will only deter intruders for a short time, the odds are that if you thought of it that someone else has too and that a knowledgeable intruder may have already encountered and and built a way to work around your current scheme. 

A good general idea is to have a virtual machine setup that is mirroring your physical machine (not mirroring the data, but mirroring the configurations), which can be very useful by giving you a test machine to run penetration and brute force attack against without compromising your physical machine. With a virtual machine you can be free to actively run penetration tests to continually ensure that your system is as secure as possible.