[Wolves] Linux Security

Simon C. Burke simonb at geek-web.co.uk
Thu Oct 2 08:23:18 UTC 2008


On Thu, 2 Oct 2008, David Goodwin wrote:

> Simon C. Burke wrote:
>> Hi all,
>>
>> I recently acquired a Compaq CL380 that I'm currently upgrading and
>> making to a couple of servers, (I think two people may know from where I
>> acquired this server *looks at Chris and Dave*).
>
> Is that me [Dave] ?
> If Chris is involved, I can guess where it's from.
>
>>
>> Are things like SELinux worthwhile? Or can the same effect be achieved
>> by hand per process? (would take an eon I know)
>>
>
> My minimal experiences with SELinux (RHEL5 on a LAMP server) are that it
> can be a right pain in the bum and caused me enough grief to disable it.
> The theory behind it is great - but in my case, it seemed that it
> convienantly forgot the custom modifications I'd made to the SELinux
> policy after a random amount of time - causing the app to stop working.
>
> You might also want to look at AppArmo[u]r
>
> If you're really paranoid about security, I think using Gentoo with a
> kernel with the various PaX stuff enabled it probably the way to go -
> but this may cause other issues (i.e. if $customer expects to get
> support from someone like RedHat)
>
> David.
>
Yeah, it is yourself, I should of mentioned which Chris and Dave to be 
honest. Though, you would of known if it was you or not regardsless (I 
would of hoped anyway).

Luckily the server will serve nothing but mail and web (to replace my 
current server) with a userbase of 3 users currently.

Support is not really an issue as it's effectivly my play server, though 
has some production servers (if you can call it that).

I'm currently looking at apparmour now as well as fwsnort and psad to 
secure it up a little. Thanks for the suggestion.

Regards,
Simon.



More information about the Wolves mailing list