Recently I came across an article requesting for ways to fix a security loophole in Centos operating system. I have been thinking of installing Centos on my laptop but now I have reservations about this idea of installing a Linux operating system, especially Centos. I want to know the major issues you have found or you know of with regards to Centos.
Why Do Hackers Find it Easy to Attack Centos Server?
Hello Esteban K Benton,  There is always a security treat in Linux. In Centos there are so much vulnerabilities so it makes hackers life easily. They can easily crack your system because you don't have any special guard for protection. So move on to window operating system. Window OS also does not safe but it is much more safe than Centos.
Why Do Hackers Find it Easy to Attack Centos Server?
I’m not sure if there is a particular operating system that doesn’t have security vulnerability or a system that is immune to all kinds of attacks. Before, Mac OS X is not being targeted by viruses and only Microsoft Windows is the one getting infected. But nowadays, Mac OS X is now included in the list of operating systems that are getting exploited.
Here is a short list of common exploits in CentOS:
-
Null or Default Passwords – here, administrative passwords are left blank or sometimes is using the default password set by the product vendor. This is pretty much common in networking hardware like routers, firewalls, VPNs, and NAS appliances or Network Attached Storage.
-
Default Shared Keys – this is common in wireless access points as well as pre-configured secure server appliances. Occasionally, secure services ship default security keys for development and or evaluation testing purposes. If you don’t change the keys and you placed it in a production workspace or environment on the internet, any users that have the same default keys can have access to that shared-key resource including any sensitive information it may contain.
-
IP Spoofing – this is somewhat difficult because the attacker needs to predict or guess the TCP/IP SYN-ACK numbers to direct a connection to target systems. Here, a remote machine serves as a node on your local network which will then search for vulnerabilities with your servers, and then installs a Trojan horse or a backdoor program to get control over your network resources.