Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: Security enchanced linux distributions.

  1. #11
    great post!!
    maybe turn one of these 386's sittong around into a firewall router
    better FreeBSD though hehe!

  2. #12
    Junior Member
    Join Date
    Sep 2002
    Posts
    2
    Is there a reason you are limiting yourself to maintained distributions?

    Regardless of the flavor, security is truly dependent upon the configuration of the system. I agree that some distributions have a leg up on others, but I don't think you can have a "one size fits all solution". Some of the best advice ever given about security was the simplest: don't run services you don't need and keep up with patches.

    As always there are plenty of sites (some very good ones have been listed in this thread) to help.

    Good luck on your search.

  3. #13
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    instronics: I didn't mean just the Devil Linux, but I fully agree with you that Security updates should generally be done manually or pushed from a trusted interal source (i.e. through group policy in an AD domain). Also, even RHN prompts you to see if you want the available updates. You can always choose to ignore them (a pretty simple task so I've found). One thing I choose to ignore on my RH 8 test box is kernel updates. I would prefer to update the kernel myself (when I get around to it). I totally see your point though. Devil Linux sounds great. I am really going to have to get my hands on a copy of it just to play around with it at the very least.


    Cheers

    t2k2
    Opinions are like holes - everybody\'s got\'em.

    Smile

  4. #14
    Fedora Core 2 offers selinux as an install option. At the install prompt add selinux and you are on your way to a whole new world.
    Of course RedHat changed a few of the defaults to selinux just to make life interesting.

  5. #15
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    Gentoo comes with selinux just as FC does. AFAIK SELinux is just a hacked kernel to provide some additional features. I never saw, really, a need for using it on my mobile machine, but maybe I'll recompile my kernel.

    The hardened 2.6.7 kernel I'm using has those options built too although it's not listed as a selinux source.
    /\\

  6. #16
    It's more than a hacked kernel. Its a whole new world. It's not just rwx anymore. Each program is setup to run only the parts of the system that it needs. If you need to change named.conf you need to have rights to named and root does not necessarily get those rights.

  7. #17
    I wish I knew more about the system but here is a great link
    http://people.redhat.com/kwade/fedor...elinux-faq-en/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •