Local security for red hat 7.1

Local security for red hat 7.1

Post by Krish Ahy » Sun, 03 Jun 2001 14:23:49



Is there somewhere I can read on how to secure Linux against local exploits?

Thanks.

- Krish

 
 
 

Local security for red hat 7.1

Post by Richard Thripplet » Mon, 04 Jun 2001 21:36:22



>Is there somewhere I can read on how to secure Linux against local exploits?

>Thanks.

>- Krish

        Try poring through http://www.redhat.com/support/alerts/
There might be some stuff on local exploits.

Richard

 
 
 

Local security for red hat 7.1

Post by <elle.. » Tue, 05 Jun 2001 00:55:25



>>Is there somewhere I can read on how to secure Linux against local exploits?

>    Try poring through http://www.redhat.com/support/alerts/
> There might be some stuff on local exploits.

At the risk of being flamed by the zealots among us, I'd be
careful. Unix-ish systems have a really bad track record historically
speaking, and Linux isn't exactly a poster child in this department
either.

If it's an absolute must, you need to be prepared to invest some
man-months incorporating mandatory acess controls. (ie, either selinux
or rsbac) Hopefully, 2.5 will have better hooks for security modules,
so we'll see more security focused distributions emerge.

If you want to be safe with a minimum amount of fuss, two projects
worth looking into are LIDS and Low-Access Mandatory Access Controls
(try searching for lomac via freshmeat). Lomac is an interesting idea,
and probably the least painful of the above options.

There are also various solutions in user space, such as lib-safe and
the bounds checking patch for gcc, that let you trade off runtime
efficiency for security. While they're not the ideal solution from an
engineering standpoint, they do tend to be much less intrusive to
install, and can be effective.

None of this, of course, is a substitute for properly configuring the
shell server in the first place. Installed but unused software and
misconfigured apps are account for a large portion of local incidents.

--

 
 
 

Local security for red hat 7.1

Post by ENTREKE » Thu, 14 Jun 2001 20:09:43


Richard

U are welcome to visit my page on Security

http://home.att.net/~entreken/security.htm

U might also find the Linux page of interest

These are just Home Pages no commercials



> >>Is there somewhere I can read on how to secure Linux against local
exploits?

> > Try poring through http://www.redhat.com/support/alerts/
> > There might be some stuff on local exploits.

> At the risk of being flamed by the zealots among us, I'd be
> careful. Unix-ish systems have a really bad track record historically
> speaking, and Linux isn't exactly a poster child in this department
> either.

> If it's an absolute must, you need to be prepared to invest some
> man-months incorporating mandatory acess controls. (ie, either selinux
> or rsbac) Hopefully, 2.5 will have better hooks for security modules,
> so we'll see more security focused distributions emerge.

> If you want to be safe with a minimum amount of fuss, two projects
> worth looking into are LIDS and Low-Access Mandatory Access Controls
> (try searching for lomac via freshmeat). Lomac is an interesting idea,
> and probably the least painful of the above options.

> There are also various solutions in user space, such as lib-safe and
> the bounds checking patch for gcc, that let you trade off runtime
> efficiency for security. While they're not the ideal solution from an
> engineering standpoint, they do tend to be much less intrusive to
> install, and can be effective.

> None of this, of course, is a substitute for properly configuring the
> shell server in the first place. Installed but unused software and
> misconfigured apps are account for a large portion of local incidents.

> --


 
 
 

1. Red Hat 7.1 - Installing Red Hat packages after Red Hat is already installed.

How can I install packages that I forgot to install with the Red Hat
7.1 installation?

Here's my problem:
Various pieces of Red Hat keep saying that I am missing a file and
that it needs to be installed with a certain package (namely most of
the Kontrol Panel).  But I have been unsuccessful at finding where
this is done.  I am still a newbie with Linux, but I would assume that
there should be an "Add/Remove Programs" equivalent with Linux.

Please help!

2. WHO ISN'T RUNNING SOLARIS

3. Can U install Red Hat 6rpm's in Red 7.1 ?

4. Help compiling kernel

5. configurar red local red hat 7.0 y windows millenium

6. Linux and Compaq

7. Red Hat 7.1 PATH question

8. fix APIC errors on oprofile restore

9. Red Hat 7.1 Newbie Install Queston

10. Red Hat 7.1 kernel updates are out

11. date(minutes) change in bash on red hat 7.1

12. Red Hat 7.1 - Which CD-ROM?

13. Installing an Ami MegaRaid express 500 (40LD) in a Red Hat 7.1