One of the main arguments has been the fact that Linux is open source. The fact is, open source makes security better, because everyone can see what the code looks like, so they can sensibly judge if they want to use any given package, and so that interested parties are well motivated and reasonably able to repair defects.

That's not to say that Linux is invulnerable or incapable of becoming infected or breached; all software has vulnerabilities. The fact is that Linux is, by its design, more secure than some other operating systems.

What are the security threats to Linux?
"Linux and applications that run on it are probably no less vulnerable to security threats than other operating systems. To that extent security issues - protecting against intrusions from the Internet, maintaining data integrity, etc. -- are universal. Some computer engineers view Linux as more secure than Microsoft's OS products, simply because Microsoft's products don't get the rigorous pre-release scrutiny that open-source products like Linux get. Furthermore, engineers like to say that Linux is "immune" to computer viruses - meaning that it simply isn't affected by viruses the way that other operating systems are."

-- LinuxSecurity.com
Is Linux more secure than other operating systems?
We believe it's certainly more secure than Microsoft's, which are routinely panned for their weak security features and their slow response time with security updates. But, be aware: A poorly configured Linux system would be worse than a well configured Microsoft system.

-- LinuxSecurity.com
Doesn't Open Source mean that the crackers will have an easier time breaking into the system since they know how it works?
This is a common fear, but history has shown that the strength of a good security system lies in the inherently secure design of the system, not in the obscurity of its implementation. The earliest example of this phenomenon is perhaps the Enigma machine, which was used to encode Axis communications in WW II. The design of the machine was secret - but when the system was discovered, it was defeated by Allied codebreakers. Since that time, the strongest cryptosystems and information systems have been open systems. RSA and 3DES are good examples of fully-disclosed systems that have been in use for a long time. One can see from the number of exploits available for closed operating systems such as AIX, HPUX, and Solaris, versus the exploits in an Open Source OS such as OpenBSD or Linux, that obscuring the source code does not help at all. Revealing the source code to a well-designed security system is similar to describing the inner workings of a bank vault -- which is welded shut.

--Protectix.com


Here is a list of links for anyone interested in Linux security:


Security Sites
http://www.linuxsecurity.com
"designed to serve as the primary Internet-based source of information, insight and news relating to Linux and Open Source security issues, and is driven by the security needs of the users of the site."
http://www.linuxlock.org
"LinuxLock.org is not only just an information portal, but we are working towards creating a linux Security Community. We are currently working on some systems that will allow security experts to communicate with each other and quickly get questions answered."
http://www.linux.com/security/
"Linux.com/security/ is here to provide a one stop security site for the Linux community. By focusing the talents of our staff, contributors, and the community at large, we aim to help you keep your machines secure, so that the integrity of your mission critical applications isn't compromised by insecure software design or poor network implementation. "
http://security.linuxtoday.com/
Security news.
http://www.sans.org/
"The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization through which more than 96,000 system administrators, security professionals, and network administrators share the lessons they are learning and find solutions for challenges they face"
http://www.securityportal.com/
"SecurityPortal.com is a web site and information services provider, dedicated to providing corporate security professionals with the information and resources needed to protect their networks. We provide technotes and opinion pieces from some of the best minds in IT security, summarize breaking security news and provide a jumping off point for Security Alerts, Products, Tools and other Resources."
http://www.lids.org
Linux Intrusion Detection System Project
"The LIDS is an intrusion detection/defense system in Linux Kernel"
http://www.securityfocus.com
Not a purely Linux site, but it has lots of good info about security on all systems. News, links, documentation and a good list of tools, many for Linux.
Just opened a new Focus on Linux section!
http://www.openbsd.org/
Not exactly Linux, but still useful information!
"OpenBSD believes in strong security. Our aspiration is to be NUMBER ONE in the industry for security (if we are not already there). Our open software development model permits us to take a more uncompromising view towards increased security than Sun, SGI, IBM, HP, or other vendors are able to. We can make changes the vendors would not make. Also, since OpenBSD is exported with cryptography, we are able to take cryptographic approaches towards fixing security problems."


Security How-To's
Armoring Linux
Organizations throughout the world are adopting Linux as their production platform. By connecting to the Internet to provide critical services, they also become targets of opportunity. To help protect these Linux systems, this article covers the basics of securing a Linux box. The examples provided here are based on Red Hat 6.0, but should apply to most Linux distributions.
http://www.linux-firewall-tools.com/linux/firewall/index.html
Web-based Firewall Rule Generator
Spiffy website that makes generating firewall rules a lot easier for newbies. It uses a series of questions to guide you through everything, and then builds the rules for you with JavaScript. After that, you just save its output as /etc/rc.d/rc.firewall, do some magic with chown and chmod and voila -- you're in business :) The whole process is outlined on the site too. Hopefully, this will help out some people new to Linux who want to run firewalls/packet filters, but are too intimidated by the command syntax.
http://www.securityportal.com/lasg
Linux Administrator's Security Guide
http://www.linuxdoc.org/HOWTO/Security-HOWTO.html
Linux Security HOWTO
"This document is a general overview of security issues that face the administrator of Linux systems. It covers general security philosophy and a number of specific examples of how to better secure your Linux system from intruders. Also included are pointers to security-related material and programs. Improvements, constructive criticism, additions and corrections are gratefully accepted. Please mail your feedback to both authors, with "Security HOWTO" in the subject. "
http://www.linux.com/howto/mini/Secure-POP+SSH.html
This document explains how to set up secure POP connections using ssh
http://www.linux.com/howto/Secure-Programs-HOWTO.html
This paper provides a set of design and implementation guidelines for writing secure programs for Linux systems. Such programs include application programs used as viewers of remote data, CGI scripts, network servers, and setuid/setgid programs.
http://www.linux.com/howto/Securing-Domain-HOWTO.html
This document outlines the things you will probably have to do when you want to set up a network of computers under your own domain. It covers configuration of network parameters, network services, and security settings.


Security Tools
Tripwire (the free open source Linux version)
Tripwire is a tool that checks to see what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc. The hard part is doing it the right way, balancing security, maintenance, and functionality.
Psionic PortSentry 1.0
PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time.
Snort
Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.
Lokkit
"Lokkit is a tool that writes generic firewall configurations based on simple easy to answer end-user questions. It won't write the ultimate secure firewall for special cases, and it certainly won't let you set policy for a corporate network but it will give you good basic protection."
Ssh
"SSH Secure Shell is the de-facto standard for encrypted terminal connections and file transfer over the Internet."
Openssh
"OpenSSH is a FREE version of the SSH suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, rlogin, ftp, and other such programs might not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. "
Freessh
"www.freessh.org intends to be the central place for information, sources, resources and discussions that have to do with free (as in beer) and compatible replacements for SSH."
Bastille-Linux
"The Bastille Linux hardening script is a community consensus project: it attempts to integrate existing "best practices" documents and the shared knowledge of many administrators. The project needs constant input from its user community (This means you!) in order to remain current, as well as to fill in the gaps in our existing structure. Bastille Linux is far from perfect, and your input is crucial to making it better. "
Protectix.com
"founded in 1999 to address the emerging security needs of internet-connected businesses globally. Protectix aims to become the leading provider of Open Source/Free Software-based security solutions through the development, contribution and distribution of this software. As newcomer Red Hat Software did in the Operating System market, Protectix delivers Open Source network security, freely distributing all source code used in Protectix products and solutions. The company has assembled its management and engineering team from experienced veterans of corporations including Dell Computer Corporation, Ernst & Young, Intel, Hewlett-Packard and Airtouch-Vodafone. "
Trinux
Trinux is a portable Linux distribution that boots from a single floppy disk, loads its packages from a FAT/Ext2 partition, floppy disks, or HTTP/FTP servers, and runs entirely in RAM. Trinux contains precompiled versions of popular Open Source network security/monitoring tools such as nmap, tcpdump, iptraf, and ntop. Trinux's default configuration provides DHCP for easy network configuration.

Security Resources
CERT Advisories: http://info.cert.org/pub/cert_advisories
Compromise Recovery: www.cert.org/tech_tips/root_compromise.html
CERT Mail List: http://www.cert.org
CIAC Security Web Site: http://ciac.llnl.gov/
INCIDENTS.ORG: http://www.incident.org
SABERNET: Security Papers: http://www.sabernet.net/papers/ [!!] (How to lock down Solaris/HP systems)
Security Focus: Stats: http://www.securityfocus.com/frames/?content=/vdb/stats.html
SDSC Security Page: http://security.sdsc.edu/
COAST Homepage: http://www.cs.purdue.edu/coast/
COAST Autonomous Agents for Intrusion Detection Project: http://www.cs.purdue.edu/coast/projects/autonomous-agents.html
Lance Spitzner's Security Papers: http://www.enteract.com/~lspitz/
Info on inetd Daemons: http://uwsg.ucs.indiana.edu/security/inetd.html
International Computer Security Association: http://www.icsa.net/services/consortia/anti-virus/lab.html
Auscert security advisory list: http://www.auscert.org.au
Blocking Mailed Spam: http://spam.abuse.net/spam/tools/mailblock.html#filters
Securing your CGI scripts against hacker invasion: http://www.net-dev.com/ned-03-1998/ned-03-security.html
Secure Internet Programming: Secure Internet Programming Laboratory: http://www.cs.princeton.edu/sip/
Secure Programming How-To (Linux): http://dwheeler.com/secure-programs/Secure-Programs-HOWTO.html
Writing Secure Code (links! C,Perl,CGI,setuid): http://www.shmoo.com/securecode/
ISS X-Force Vulnerability Database: http://www.iss.net/xforce/
Squirrel.com: http://www.squirrel.com/squirrel/index.html#SECLINKS
SANS Archive of Web Briefings: http://www.sans.org/webarchives.htm
SANS Network Security Roadmap: http://www.sans.org/roadmap.htm
Mail Relay Information: http://maps.vix.com/tsi/ar-test.html
Wietse's collection of tools and papers (TCP_WRAPPERS): ftp://ftp.porcupine.org/pub/security/index.html
"Security Vulnerabilities" by Eric Knight (book, .pdf): www.securityparadigm.com
Packetstorm.securify.com: http://packetstorm.securify.com/