OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jay Beale (jaymandrakesoft.com)
Date: Sat Feb 17 2001 - 12:24:35 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    http://medusa.fornax.sk

    There are tons of docs -- further, there was a good Linux Journal/Magazine on
    this about 3-6 months ago...

    Again, let's try to make a good comparison of LIDS, Medusa, and SeLinux.

     - Jay

    In the wise words of Russell Elik Rademacher:

    > Sure thing. Hmmm...Medusa DS9? Hmmmm...first time I heard of it. Can you
    > send me the details about it?
    >
    > But as for the rest, I can send the patches for the kernel, which is
    > composed to two files plus one line addition into the .spec file and the rpm
    > package of the LIDS addon utility and the files to work with the Mandrake
    > System in general but I probably need to put in some reference lines for
    > other stuff that is common with Mandrake.
    >
    > You will be pleased that I have sort of finalized the entire system and it
    > seems to be working great. Sort of make you consider the new way of
    > thinking of how to secure the system when you get into root, you realize
    > that you cannot do most of the stuff that normal super-user can do, unless
    > you turn off the LIDS Local Mode to do the changes.
    >
    > Expect the stuff sent to you in a few hours.
    >
    > The current configuration I have is composed as follows:
    >
    > Qmail
    > ProFTPD
    > OpenSSH
    > OpenLDAP
    > Apache
    > Ping & Traceroute disabled, even for users, but available when local LIDS is
    > disabled.
    >
    > So...this is pretty good setup. I am still adding more rules and such as I
    > go on, but it is really nice system.
    >
    > ----------------------------------------------
    > Linux Administrator & Consultant
    > Russell "Elik" Rademacher
    >
    >
    > -----Original Message-----
    > From: jaymandrakesoft.mandrakesoft.com
    > [mailto:jaymandrakesoft.mandrakesoft.com]On Behalf Of Jay Beale
    > Sent: Wednesday, February 14, 2001 1:36 PM
    > To: security-discusslinux-mandrake.com
    > Cc: Matthew Micene
    > Subject: Re: [Security Discuss] LIDS into the Kernal?
    >
    >
    >
    >
    > In the wise words of Russell Elik Rademacher:
    >
    > > Yes I have. It is still in work in progress, but I got most of the basic
    > > functionality locked down, and I am working on some common tools which
    > need
    > > to be available to everyone like the traceroute or ping tools plus
    > nslookup.
    > > :)
    >
    > It sounds like you've got something good going. Let's take a look. I'll
    > admit
    > that I'm weighing Medusa DS9 more than LIDS, and SeLinux more than that.
    > But
    > let's look at your configuration.
    >
    > Can you get something to Chmoel, Vince and me?
    >
    > - Jay
    >
    >
    > --
    > Jay Beale
    > Security Team Director Lead Developer
    > Mandrakesoft Bastille Linux
    > http://www.mandrakesoft.com http://www.bastille-linux.org
    >
    >
    >
    > 

    -- 
Jay Beale               
Security Team Director                  Lead Developer
Mandrakesoft                            Bastille Linux
http://www.mandrakesoft.com             http://www.bastille-linux.org