mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-01-25 23:11:02 +08:00
geekpi
GitHub
commit
80c39f7df3
@ -1,86 +0,0 @@
|
||||
[#]: subject: "5 open source security resources from 2021"
|
||||
[#]: via: "https://opensource.com/article/21/12/open-source-security"
|
||||
[#]: author: "Jessica Cherry https://opensource.com/users/cherrybomb"
|
||||
[#]: collector: "lujun9972"
|
||||
[#]: translator: "geekpi"
|
||||
[#]: reviewer: " "
|
||||
[#]: publisher: " "
|
||||
[#]: url: " "
|
||||
|
||||
5 open source security resources from 2021
|
||||
======
|
||||
This countdown is for the security articles for 2021 you need to read
|
||||
right now.
|
||||
![A secure lock.][1]
|
||||
|
||||
One of the most prevalent discussions on Opensource.com in 2021 was about the security and privacy of your own data. A noticeable theme was that your data is yours and that passwords were key to security. This year's security authors provided helpful tips and open source tools for keeping your data and hardware secure.
|
||||
|
||||
Here is my top-five countdown of this year's security journey.
|
||||
|
||||
### [6 open source tools and tips to securing a Linux server for beginners][2]
|
||||
|
||||
[Sahana Sreeram][3] provides six fundamental server security tips, starting with updates and ending with malware scanning. This article provides a head start with your Linux servers either at home or work. Pay extra attention to the password strength section and the tools to create risk-reducing requirements on password policies for your server, as this is the most critical practice on any operating system you are using. This article is a practical guide to working on security in your day-to-day work on Linux servers. As Sahana points out, the security landscape is undoubtedly expanding, and this article gives everyone the chance to start working on prevention.
|
||||
|
||||
### [5 ways to protect your documents with open source software][4]
|
||||
|
||||
This next article is excellent for people like myself who write a ton of documentation on everything from articles to personal research notes. Author [Ksenia Fedoruk][5] starts with a list of open source cloud storage services to save your documents. Next, she covers the importance of encryption and the ways to use encryption with our docs. She also covers digital signature and watermarking of documents in clear detail and what open source tools to use. Finally, the article covers the use of password protection of the docs we've made and worked with. The reminder in the ending follows a common theme this year in security: Your data is yours.
|
||||
|
||||
### [4 Linux tools to erase your data][6]
|
||||
|
||||
In this article, [Don Watkins][7] covers the responsibility and caretaking of hardware. It leads off with a series of tools to wipe hard drives so that your data can't be taken from the next person to use the equipment. In several small walk-throughs, Don covers using GNU shred, ShredOS, the `dd` command, and finally `nvme-cli`. Each of these can remove all the data from your hardware and sanitize the hard drives you were working on and no longer need. Don's concluding thoughts provide a gentle reminder that if you are selling your hardware, that doesn't mean the next person should have your data. Your data is yours.
|
||||
|
||||
### [Generate passwords on the Linux command line][8]
|
||||
|
||||
As I pointed out earlier in this countdown, passwords are essential to this year's security round-up. In this article, our writer [Sumantro Mukherjee][9] starts by covering how many websites can have (and should have) strict rules when it comes to passwords. This step-by-step article covers how to use `pwgen`, starting by installing it and then generating passwords. This was a useful tool to cover, and Sumantro details how to use some flags to generate a password tailored to any website's or application's requirements and policies. At the end of this read, the final thoughts include a link to a handy list of open source password managers written earlier this year by another of our authors, [Jason Baker][10]. This is an important read to start making better passwords for your everyday use on websites to prevent hacking or any data loss in your accounts.
|
||||
|
||||
### [Encrypt your files with this open source software][11]
|
||||
|
||||
Finally, in this year's security countdown, is an article about encryption and encrypting your files. [Seth Kenlon][12] covers an open source cross-platform encryption tool called VeraCrypt. Seth's walk-through explains in-depth how to install and use VeraCrypt and shows the ease of use of this cool bit of software. But not before giving a brief history on VeraCrypts predecessor, TrueCrypt, and how VeraCrypt is backward compatible with previously encrypted volumes by TrueCrypt. With this easy-to-use open source software encryption, Seth has proven that you can own your data locally and encrypt it the way you want.
|
||||
|
||||
### Honorable mentions
|
||||
|
||||
While these five were my favorite this year, here are two additional honorable mentions that are also worth the read.
|
||||
|
||||
* Seth Kenlon's [Understanding Linus's Law for open source security][13]
|
||||
* [Mike Calizo's][14] [How to adopt DevSecOps successfully][15]
|
||||
|
||||
|
||||
|
||||
Each of these gives a structured read on security policies and adoption.
|
||||
|
||||
### Final thoughts on security
|
||||
|
||||
I highly recommend reading each of these articles and [several others][16] this year. These will prepare you for what's to come in the world of security in 2022. You could be the new year's security champion.
|
||||
|
||||
Have some tools you want to suggest? Leave a comment or [pitch your article idea][17].
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://opensource.com/article/21/12/open-source-security
|
||||
|
||||
作者:[Jessica Cherry][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://opensource.com/users/cherrybomb
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003601_05_mech_osyearbook2016_security_cc.png?itok=3V07Lpko (A secure lock.)
|
||||
[2]: https://opensource.com/article/21/4/securing-linux-servers
|
||||
[3]: https://opensource.com/users/sahanasreeram01gmailcom
|
||||
[4]: https://opensource.com/article/21/4/secure-documents-open-source
|
||||
[5]: https://opensource.com/users/ksenia-fedoruk
|
||||
[6]: https://opensource.com/article/21/10/linux-tools-erase-data
|
||||
[7]: https://opensource.com/users/don-watkins
|
||||
[8]: https://opensource.com/article/21/7/generate-passwords-pwgen
|
||||
[9]: https://opensource.com/users/sumantro
|
||||
[10]: https://opensource.com/users/jason-baker
|
||||
[11]: https://opensource.com/article/21/4/open-source-encryption
|
||||
[12]: https://opensource.com/users/seth
|
||||
[13]: http://opensource.com/article/21/2/open-source-security
|
||||
[14]: https://opensource.com/users/mcalizo
|
||||
[15]: http://opensource.com/article/21/2/devsecops
|
||||
[16]: https://opensource.com/tags/security
|
||||
[17]: https://opensource.com/how-submit-article
|
||||
@ -0,0 +1,86 @@
|
||||
[#]: subject: "5 open source security resources from 2021"
|
||||
[#]: via: "https://opensource.com/article/21/12/open-source-security"
|
||||
[#]: author: "Jessica Cherry https://opensource.com/users/cherrybomb"
|
||||
[#]: collector: "lujun9972"
|
||||
[#]: translator: "geekpi"
|
||||
[#]: reviewer: " "
|
||||
[#]: publisher: " "
|
||||
[#]: url: " "
|
||||
|
||||
2021 年的 5 个开源安全资源
|
||||
======
|
||||
你现在需要读的 2021 安全总结文章。
|
||||
![A secure lock.][1]
|
||||
|
||||
2021 年 Opensource.com 上最普遍的讨论之一是关于你自己数据的安全和隐私。一个明显的主题是,你的数据是你的,密码是安全的关键。今年的安全作者提供了有用的提示和开源工具来保持你的数据和硬件安全。
|
||||
|
||||
以下是我对今年安全之旅的前五篇文章。
|
||||
|
||||
### [6 个开源工具和初学者保护 Linux 服务器的技巧][2]
|
||||
|
||||
[Sahana Sreeram][3] 提供了六个基本的服务器安全提示,从更新开始,到恶意软件扫描。这篇文章为你在家里或工作中的 Linux 服务器提供了一个开端。要特别注意密码强度部分和为你的服务器创建降低风险的密码策略要求的工具,因为这是你所使用的任何操作系统上最关键的做法。这篇文章是一个实用的指南,指导你在 Linux 服务器的日常工作中进行安全工作。正如 Sahana 所指出的,安全领域无疑正在扩大,这篇文章给了每个人开始着手预防的机会。
|
||||
|
||||
### [用开源软件保护你的文件的 5 种方法][4]
|
||||
|
||||
接下来的这篇文章对于像我这样的人来说是非常好的,他们写了大量的文档,从文章到个人研究笔记都有。作者 [Ksenia Fedoruk][5] 首先列出了保存文档的开源云存储服务。接下来,她介绍了加密的重要性以及在我们的文档中使用加密的方法。她还清楚地介绍了文件的数字签名和水印以及使用哪些开源工具。最后,文章涵盖了对我们制作和使用的文档使用密码保护的情况。结尾处的提醒遵循了今年安全领域的一个共同主题:你的数据是你的。
|
||||
|
||||
### [4 个 Linux 工具来清除你的数据][6]
|
||||
|
||||
在这篇文章中,[Don Watkins][7] 涵盖了硬件的责任和维护。它以一系列擦除硬盘的工具作为引子,这样你的数据就不能从下一个使用设备的人那里拿走。在几个小的演练中,Don 涵盖了使用 GNU shred、ShredOS、`dd` 命令,以及最后的 `nvme-cli`。每一个都可以从你的硬件中删除所有的数据,并对你正在工作的、不再需要的硬盘进行删除。Don 的结论提供了一个温和的提醒:如果你要卖掉你的硬件,这并不意味着下一个人应该拥有你的数据。你的数据是你的。
|
||||
|
||||
### [在 Linux 命令行上生成密码][8]
|
||||
|
||||
正如我在本期中早先时候指出的那样,密码对于今年的安全总结至关重要。在这篇文章中,我们的作者 [Sumantro Mukherjee][9] 首先介绍了许多网站在涉及到密码时可以有(也应该有)严格的规定。这篇文章循序渐进地介绍了如何使用 `pwgen`,首先是安装它,然后是生成密码。这是一个有用的工具,Sumantro 详细介绍了如何使用一些标志来生成符合任何网站或应用的要求和策略的密码。在这篇阅读的最后,最后的想法包含链接到一个方便的开源密码管理器列表,这个列表是我们的另一位作者 [Jason Baker][10] 在今年早些时候写的。这是一个重要的读物,可以让你开始为你在网站上的日常使用制定更好的密码,以防止黑客攻击或你的账户中的任何数据丢失。
|
||||
|
||||
### [用这个开源软件加密你的文件][11]
|
||||
|
||||
今年的安全总结的最后,是一篇关于加密和加密文件的文章。[Seth Kenlon][12] 介绍了一个名为 VeraCrypt 的开源跨平台加密工具。Seth 的演练深入解释了如何安装和使用 VeraCrypt,并展示了这个很酷的软件的易用性。但在此之前,他还简要介绍了 VeraCrypt 的前身 TrueCrypt 的历史,以及 VeraCrypt 是如何向后兼容 TrueCrypt 以前加密的卷的。通过这个易于使用的开源加密软件,Seth 已经证明,你可以在本地拥有你的数据,并以你想要的方式进行加密。
|
||||
|
||||
### 荣誉提名
|
||||
|
||||
虽然这五篇是我今年的最爱,但这里还有两篇同样值得一读的荣誉文章。
|
||||
|
||||
|
||||
* Seth Kenlon 的[了解 Linus 的开源安全法则][13] 。
|
||||
* [Mike Calizo 的][14][如何成功执行 DevSecOps][15] 。
|
||||
|
||||
|
||||
|
||||
每篇文章都对安全策略和采用情况进行了结构化解读。
|
||||
|
||||
### 最后关于安全的想法
|
||||
|
||||
我强烈建议在今年阅读这些文章和[其他几篇][16]。这些将使你为 2022 年安全世界的发展做好准备。你可以成为新一年的安全冠军。
|
||||
|
||||
你有一些想要推荐的工具吗?请留下评论或[提出你的文章想法][17]。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://opensource.com/article/21/12/open-source-security
|
||||
|
||||
作者:[Jessica Cherry][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[geekpi](https://github.com/geekpi)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://opensource.com/users/cherrybomb
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003601_05_mech_osyearbook2016_security_cc.png?itok=3V07Lpko (A secure lock.)
|
||||
[2]: https://opensource.com/article/21/4/securing-linux-servers
|
||||
[3]: https://opensource.com/users/sahanasreeram01gmailcom
|
||||
[4]: https://opensource.com/article/21/4/secure-documents-open-source
|
||||
[5]: https://opensource.com/users/ksenia-fedoruk
|
||||
[6]: https://opensource.com/article/21/10/linux-tools-erase-data
|
||||
[7]: https://opensource.com/users/don-watkins
|
||||
[8]: https://opensource.com/article/21/7/generate-passwords-pwgen
|
||||
[9]: https://opensource.com/users/sumantro
|
||||
[10]: https://opensource.com/users/jason-baker
|
||||
[11]: https://opensource.com/article/21/4/open-source-encryption
|
||||
[12]: https://opensource.com/users/seth
|
||||
[13]: http://opensource.com/article/21/2/open-source-security
|
||||
[14]: https://opensource.com/users/mcalizo
|
||||
[15]: http://opensource.com/article/21/2/devsecops
|
||||
[16]: https://opensource.com/tags/security
|
||||
[17]: https://opensource.com/how-submit-article
|
||||
Loading…
Reference in New Issue
Block a user