Linux is a multi-user system. What this means is that there can be multiple users that the system knows about. More than one user can be logged in at once, sharing system resources. How does Linux keep all of this straight? It's simple, really: accounts. When a user logs into a system, they give an account name (usually referred to as a username) and a password (quick tangent: never set an account such that it has no password - it will make it easier for anyone to log into your system, not just you). Upon logging in, they are usually placed in their home directory, given access to a certain set of commands and a certain set of files and directories. This access can vary from read access to write access to execute access, as well as any combination of the three.
Normally, in a multi-user environment, a user has a set of resources (files and/or directories) such that they are the only ones with write access. Many times, they are the only ones that even have the ability to read those resources. Understand that if a user has write access to a resource, then they may alter it, overwrite it, or even delete it. Usually, you want to restrict the write access of a user such that they may only write files in their home directory and /tmp (a place that many programs use for temporary storage), but not anywhere else. By default, on all Linux distributions that I've seen, a user will only have write access to their home directory and /tmp, as it should be. For more on permissions, and how to change them, see the man page for chmod.
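One way to check that write access really is limited to home directories and /tmp is to look for directories that every user can write to. The script below is an added example, not part of the original guide; the function names and the sample tree are constructed for illustration, and it assumes GNU find and stat as shipped with Linux distributions.

```shell
#!/bin/sh
# world_writable_dirs ROOT [ALLOWED...]
# Lists directories under ROOT that every user may write to, skipping the
# ALLOWED locations (such as /tmp). Output: "<octal mode> <path>" per line.
world_writable_dirs() {
    root=$1; shift
    find "$root" -xdev -type d -perm -0002 2>/dev/null |
    while IFS= read -r dir; do
        skip=0
        for ok in "$@"; do
            case $dir in "$ok"|"$ok"/*) skip=1 ;; esac
        done
        if [ "$skip" -eq 0 ]; then
            printf '%s %s\n' "$(stat -c %a "$dir")" "$dir"
        fi
    done
}

# Constructed sample tree standing in for a real filesystem.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/home/alice" "$t/tmp" "$t/srv/share"
    chmod 755 "$t" "$t/home" "$t/srv"
    chmod 700 "$t/home/alice"      # only the owner can read or write
    chmod 1777 "$t/tmp"            # shared scratch space, expected
    chmod 777 "$t/srv/share"       # writable by everyone, unexpected
    echo "$t"
}

tree=$(make_sample_tree)
world_writable_dirs "$tree" "$tree/tmp"     # prints: 777 <tree>/srv/share
rm -rf "$tree"
# On a live system: world_writable_dirs / /tmp
```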
The root account is a special case. The root account has no restrictions on what it can access, be it for reading, executing, or writing. This is why the root account is so important to keep secure. If a user that should not have access to the root account gains access in some way, then they can do all sorts of malicious things to your system, including the simple, yet highly destructive rm -rf /. Further, the root account (and accounts/permissions in general) is the reason why UNIX-based viruses are not as prevalent. Since the destructiveness of a user is limited to only what they have write access to, a plain ole user executing malicious code can only do a limited amount of damage. If a user executed the imaginary rm -rf / virus, the system would deny them access to delete / and any of its subdirectories. On the other hand, were root to execute the rm -rf / virus, the entire system would be wiped.
This is one of the reasons why one of the first things you should do to a newly installed system is create a user account. You should then use that new user account to do everything, occasionally using the su command to elevate your privilege and do things that only root can do. Try to do as little as root as possible. This way, you avoid a foot wound from a bullet.
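The two account problems described above, accounts with no password and accounts that share root's unrestricted access, can be found by reading the account files. This is an added example, not part of the original guide; the function name, account names and file contents are constructed, and the files are passed as parameters so the check can be run on copies of /etc/passwd and /etc/shadow.

```shell
#!/bin/sh
# audit_accounts PASSWD_FILE SHADOW_FILE
# Prints "<account>: <problem>" for each finding.
audit_accounts() {
    passwd_file=$1 shadow_file=$2
    # passwd format: name:password:uid:gid:gecos:home:shell
    awk -F: '
        $3 == 0 && $1 != "root" { print $1 ": UID 0, same access as root" }
        $2 == ""                { print $1 ": empty password field in passwd" }
    ' "$passwd_file"
    # shadow format: name:hash:lastchange:...
    # An empty hash means no password is needed; "!" or "*" means password
    # login is locked, which is not a finding.
    awk -F: '$2 == "" { print $1 ": empty password hash in shadow" }' \
        "$shadow_file"
}

# Constructed sample files (the hashes are placeholders, not real hashes).
make_samples() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
guest:x:1001:1001:Guest:/home/guest:/bin/bash
toor:x:0:0:spare root:/root:/bin/sh
lab::1002:1002:Lab:/home/lab:/bin/sh
EOF
    cat > "$dir/shadow" <<'EOF'
root:$6$placeholder$placeholder:19000:0:99999:7:::
alice:$6$placeholder$placeholder:19000:0:99999:7:::
guest::19000:0:99999:7:::
toor:!:19000:0:99999:7:::
EOF
    echo "$dir"
}

samples=$(make_samples)
audit_accounts "$samples/passwd" "$samples/shadow"
rm -rf "$samples"
```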
Passwords are an important part of your system's security. You should always choose difficult to guess passwords (i.e., not your birthday, name of your sweetie, name of your pet, etc.) and passwords that are not in the dictionary. There are several programs out there that attempt to guess passwords by using words out of dictionaries. One such tool is Crack. For an explanation of how Crack works, please see the Tools section. Password guessing tools notwithstanding, the real reason you should choose a good password is that if someone is able to guess your password (be it with a tool or just trying various ideas, like your pet's name), then they may log into the system as you. Again, especially important is the root account. Try to come up with a password that is a mix of letters, numbers, capitalization, and symbols that you can remember. It's real easy to come up with a password like 234@%#@fgSDFasf that no one in their right mind can remember. Thus, if it's impossible to remember, someone will write it down. Where I work, it is common to see passwords on sticky notes stuck to monitors. Luckily, none of those people have access to systems I manage! If a password is written down, it's real easy to find and then use to compromise a user's account.
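The two criteria given above, not based on a dictionary word and a mix of letters, numbers, capitalization and symbols, can be checked when a password is chosen. This is an added example, not part of the original guide; the function name, word list and sample passwords are constructed, and on a real system the word list would be a file such as /usr/share/dict/words where one is installed.

```shell
#!/bin/sh
# check_password PASSWORD WORDLIST
# Prints one line per problem found; exit status 0 only if none were found.
# The body runs in a subshell so the locale change stays local.
check_password() (
    LC_ALL=C; export LC_ALL        # make ranges like [a-z] mean ASCII only
    pw=$1 wordlist=$2 bad=0

    # Reduce to letters only, lower-cased: "Fluffy1!" becomes "fluffy".
    core=$(printf '%s' "$pw" | tr -cd 'A-Za-z' | tr 'A-Z' 'a-z')
    # The pattern is fed to grep on stdin so that the password never shows
    # up as a command-line argument in a process listing.
    if [ -n "$core" ] &&
       printf '%s\n' "$core" | grep -qixF -f - "$wordlist"; then
        echo "based on a dictionary word"; bad=1
    fi

    case $pw in *[a-z]*) ;; *) echo "no lowercase letter"; bad=1 ;; esac
    case $pw in *[A-Z]*) ;; *) echo "no uppercase letter"; bad=1 ;; esac
    case $pw in *[0-9]*) ;; *) echo "no digit"; bad=1 ;; esac
    case $pw in *[!a-zA-Z0-9]*) ;; *) echo "no symbol"; bad=1 ;; esac
    exit "$bad"
)

# Constructed word list standing in for a system dictionary.
make_wordlist() {
    f=$(mktemp) || return 1
    printf '%s\n' birthday dragon Fluffy password > "$f"
    echo "$f"
}

words=$(make_wordlist)
check_password 'Fluffy1!' "$words" || true   # prints: based on a dictionary word
rm -f "$words"
```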
When you telnet, ftp, or browse to a remote system, those requests are answered by services that listen on TCP or UDP ports (well, in this case, all these services are TCP based). When you telnet to a host, telnetd is usually listening on port 23 and gives you a login prompt. Oftentimes, there are services on your own host that you will never use. For instance, do you really need to have an IMAP daemon running on your personal workstation? What about a DNS server, or a POP3 server, or even a web server? It's a really good idea to disable all services that you don't need since they can lead to a remote compromise that gives an intruder root access on your system. While there's no such thing as a truly secure system, one that runs no services is a lot more secure than one that runs many services. We'll discuss more on disabling these services later.
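To see which of the services named above are actually listening on a host, the list of listening TCP sockets can be filtered by port. This is an added example, not part of the original guide; it assumes the ss tool from iproute2 for the live listing, the function names are hypothetical, the port numbers are the standard assignments for those services, and the sample socket lines are constructed.

```shell
#!/bin/sh
# flag_unneeded_listeners
# Reads `ss -H -tln` style lines on stdin and prints "<port> <service>" for
# every listening TCP port that belongs to one of the services named in the
# text, one line per port, sorted by port number.
flag_unneeded_listeners() {
    awk '
        BEGIN {
            svc[21] = "ftp";   svc[23]  = "telnet"; svc[53]  = "dns"
            svc[80] = "http";  svc[110] = "pop3";   svc[143] = "imap"
        }
        $1 == "LISTEN" {
            # Field 4 is the local address; the port follows the last
            # colon, which also holds for IPv6 forms such as [::]:23.
            n = split($4, part, ":")
            port = part[n] + 0
            if (port in svc && !seen[port]++)
                print port, svc[port]
        }
    ' | sort -n
}

# Constructed sample of `ss -H -tln` output.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 100 127.0.0.1:143 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::]:23 [::]:*
LISTEN 0 511 *:80 *:*
EOF
}

sample_ss_output | flag_unneeded_listeners
# On a live system: ss -H -tln | flag_unneeded_listeners
```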
One of the easiest and most effective ways to keep your system secure is to keep up with the latest security-related patches. Vendors usually make a good effort at patching security holes in their software when they are notified. By simply keeping up with the security patches as a vendor releases them, you greatly increase the security of your system. Several of the main Linux distributions include a web page dedicated to security fixes. The Linux community has historically been at the front of the pack when it comes to quick fixes to security bugs. We will give URLs to the update web pages of vendors later in this guide.