Cybersecurity, Free Software and GNU / Linux: The Perfect Triad

Cybersecurity, Free Software and GNU / Linux: The Perfect Triad

Cybersecurity, Free Software and GNU / Linux: The Perfect Triad

La «Ciberseguridad» as reflected in the previous article called "Information Security: History, Terminology and Field of Action", is an associated discipline intimately to the field of «Informática» known as «Seguridad de la Información». Which in turn, in summary, is nothing more than the area of ​​knowledge which consists of the preservation of the confidentiality, integrity and availability of the «Información» associated with a «Sujeto», as well as the systems involved in its treatment, within an organization.

Hence, the «Ciberseguridad» o «Seguridad Cibernética» is an emerging discipline that is dedicated entirely to the protection of the «información computarizada», that is, ensure the «Información» that resides in some «Ciber-infraestructura», such as, a telecommunications network, or within the processes that these networks allow. Although, for others, Cybersecurity simply means protecting a «Infraestructura de información» from a physical or electronic attack.

Cybersecurity, Free Software and GNU / Linux: Introduction

According to Eric A. Fischer the «Ciberseguridad» o «Seguridad Cibernética» refers to 3 things:

“Protection measures on information technology; the information it contains, the processes, the transmission, the associated physical and virtual elements (cyberspace); and the degree of protection that results from the application of these measures ”.

And its purpose is to protect the «Patrimonio Tecnológico» public and private, which flows through the networks through ICT to prevent individuals or groups from attempting or violating the four macro lines or principles of information that travels through cyber space, which are:

  1. Confidentiality: The data transmitted or stored is private, it should only be seen by authorized persons.
  2. Integrity: The transmitted or stored data are authentic, except for errors made in storage or transport.
  3. Availability: The data transmitted or stored must always be accessible, as far as possible, to all authorized subjects.
  4. No Repudiation: The data transmitted or stored is of indisputable authenticity, especially when supported by acceptable digital certificates, digital signatures, or other explicit identifiers.

What is Cybersecurity?

Contents

What is Cybersecurity?

Defining in a more technical way the concept of «Ciberseguridad»we can use as a reference the concept developed by the professionals of «Seguridad IT» de ISACA in one of the held meetings known as «bSecure Conference o IT Master CON», what does it say:

"Cybersecurity is the protection of information assets, through the treatment of threats that put at risk the information that is processed, stored and transported by the information systems that are interconnected."

Clarifying that according to the standard «ISO 27001» the concept of «activo de información» It is defined as:

"The knowledge or data that have value for an organization, while information systems comprise applications, services, information technology assets or other components that allow its management."

Therefore, and in summary, it can be said with total precision that la «Ciberseguridad» its focus is the protection of digital information that resides in interconnected systems. Consequently, it is included within the scope of the «Seguridad de la Información».

Cybersecurity, Free Software and GNU / Linux

Cybersecurity, Free Software and GNU / Linux

Current outlook

In both the recent past and the present, it has been shown that la «Ciberseguridad» is an essential point in our current «Sociedad de la Información», whether at a personal, business or government level.

In recent times, we have seen a growing rise and power of various «ataques cibernéticos», both «organizaciones criminales» to public and private organizations, such as from countries to countries, which have created a lot of concern in users or ordinary people, such as IT professionals, programmers, company managers and leaders of countries.

Therefore, many tend to take their respective computer measurements of «Seguridad Cibernética», such as the use of Antivirus, Firewalls, IDS / IPS, VPNs, or others, which often include the Equipment Operating System, on the level of computers and servers of their technological platforms.

And although, platforms «Sistemas Operativos» and «Programas de Seguridad Informática» commercial and private are very goodThey are also the preferred target of individual, collective, commercial or state attacks. Furthermore, they do not usually detect faults or correct errors at the speed that users might consider the most optimal.

Advantage of Free Software and Open Source

For these and other reasons, Free Software, Linux-based Operating Systems and GNU-type Programs (Free and Open) tend to have a better level of quality in terms of «Ciberseguridad», both for normal users and for public and private environments.

Whether, at the level of simple users as for critical infrastructure server computers or not. Not counting, whether at the level of defense or attack the «Plataformas de Software Libre, Código Abierto y Linux» they are preferred for these purposes.

And all this, thanks to «cuatro (4) leyes básicas del Software Libre» that allow the responses to be not only more efficient and effective, but also forceful, varied and with specific guidelines. Still, despite the alleged huge fragmentation of the «Software Libre, Código Abierto y Linux».

Linux Distros and Cybersecurity

Linux Distros and Cybersecurity

Today, there are many «Distros Linux» (and BSD) that make it easier to resolve or improve our defenses regarding «Ciberseguridad», such as mass espionage, or our attack or infiltration mechanisms to violate the «Seguridad Cibernética» of others.

Here is a good list of the best known today, both for computers of simple users and for servers of critical infrastructures or not, for the subsequent investigation of them:

  1. Alpine
  2. BackBox
  3. BlackArch
  4. blackubuntu
  5. Bugtraq
  6. Caine
  7. clearOS
  8. container linux
  9. DEFT
  10. discreet
  11. GnackTrack
  12. Heads
  13. Hyperball
  14. IPCop
  15. IPFire
  16. ipredia
  17. Time
  18. Kodachi
  19. LPS
  20. Network Security Toolkit
  21. NodeZero
  22. OpenBSD
  23. Openwall
  24. Parrot
  25. Pentoo
  26. PureOS
  27. Qubes
  28. Samurai Web Security Framework
  29. Santoku
  30. SecurityOnion
  31. smooth wall
  32. Tails
  33. triskele
  34. TrustedBSD
  35. ubGraph
  36. Whonix
  37. WifiSlax
  38. xiaopan

Cybersecurity, Free Software and GNU / Linux: Conclusion

Conclusion

Whatever, the «Distro Linux» Which is chosen to use, whether personally or professionally, at home or at work, it will always be important to bear in mind that simply using it, there is no total guarantee that a user will be protected from any danger or threat to his «Seguridad Cibernética».

Therefore, the most important thing will always be to maintain «mejores prácticas» de «Seguridad Informática», both personally, and those guided by IT staff within the organization where it operates. Remember, users will always be the weakest link in the chain of  «Seguridad Informática». And if you want to delve a little more into the subject, we recommend this great Glossary of Cybersecurity terms.


6 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   arankaren said

    Where is Hyperbola, Trisquel, GuiSD, etc?

  2.   Linux PostInstall said

    Thank you for your comment and suggestion. Certainly, it will be good to include the first 2 because they are totally free Distros. From the third (GuiSD) I did not get an official website.

  3.   jean said

    Very interesting, but I would have liked that in the «good List of the best known» it would have been useful to associate the link corresponding to each app.
    Thank you for sharing this information.

    1.    Linux PostInstall said

      Greetings, Jean. How many items were, their respective URLs were left for each user to do their own searches.

  4.   Vic said

    Good,

    I am an engineer and the topic of cybersecurity calls my attention. I have considered taking a course since progressing on my own is too heavy due to lack of time and dedication. I have found this course That looks pretty good, also close to home. Let's see if you can give me an opinion about it.

    Thank you and very good post!

    1.    Linux PostInstall said

      Greetings, Vic! Thanks for your comment. With regard to this Course on Industrial Cybersecurity and Critical Infrastructures, the content and the methodology addressed are seen quite well and if it is close to you, then better ... I hope you can do it and meet your expectations ...