Encompassing the Whole World Front Page /// Linux /// Site Index

Secure Linux

Those freindly spooks at America's National Security Agency decided to look into what was required to make a secure operating system. The result was Security Enhanced linux, which has now been integrated into suse and redhat.

By their own admission, this was less than a finished product, so InterSect decided that their customers needed something stronger. so they produced a kernel module called System iNtrusion Analysis and Reporting Environment, or SNARE for short.

As if that wasn't enough, some freindly people produced the Bastille linux security hardening program for mandrake and redhat systems.

Also available is OpenSSH which you use as a secure replacement shell to use instead of things like telnet and ftp, where passwords are sent in plain text. The secure shell solves this. You can also get secure ftp programs as well.

You can also get programs like John the Ripper which is a standard password attack tool which you can use on your own system to make sure the passwords are secure.

You can also harden your system using port scanner tools like asmodeus which will scan all the ports in a given range, and using the database at security focus where you can enter the name of the programs that you are using and it will return a list of known vulnerabilities.

You can also get tools like "tribe flood network" and "stacheldraht" (barbedwire) which can portscan a range of addresses to install a ddos attack network on them. If you use the tool against your own address, you should find out it's vulnerabilities, but I don't have enough info about their methods to recommend that you do this. see also port scanning for security

You might also want to look at SANS which tell you the top twenty security holes on the internet.

NEWS 2002/04: There is now an effort going on to produce an open source online identity and authorisation to challenge microsoft's passport system. This is being done by the Liberty Alliance, which includes some very big names in the computer industry (ie Novell, Hewlett-Packard, Cisko, etc).

NEWS 2002/04: There is a possibility that a lot of security hardening tools will be made illegal by a poorly drafted E.U. law. Aimed at protecting the intellectual property of pay tv operators, this proposed law is so broad in it's definitions that it means that only the hackers will have access to hacking tools, preventing everyone else from using the same tools to harden their systems by virtue of making the possession of these tools illegal.

last modified 19:07 2007/03/29