A system that is connected to the outside world requires other mechanisms to secure it: tools to check files (tripwire), audit tools (tiger/cops), secure access methods (kerberos/ssh), services that monitor logs and machine states (swatch/watcher), packet-filtering and routing tools (ipfwadm/iptables/ipchains), and more.
System security has many dimensions. The security of your system as a whole depends on the security of individual components, such as your e-mail, files, network, login and remote access policies, as well as the physical security of the host itself. These dimensions frequently overlap, and their borders are not always static or clear. For instance, e-mail security is affected by the security of files and your network. If the medium (the network) over which you send and receive your e-mail is not secure, you must take extra steps to ensure the security of your messages. If you save your secure e-mail into a file on your local system, you rely on the filesystem and host access policies for file security. A failure in any one of these areas can start a domino effect, diminishing reliability and integrity in other areas and potentially compromising system security as a whole.
The link for this article located at Help Net Security is no longer available.
