LinuxQuestions.org - Blog Entries

SELinux, syslog-ng, and the like

Posted 06-19-2012 at 10:12 AM by sag47
Updated 08-05-2012 at 12:58 AM by sag47

So recently in my home setup I installed a scheme for centralized logging. I use rsyslog or syslog on the client servers and syslog-ng on the central server. This is nothing new and has been done before.

rsyslog + syslog-ng = gold.

I have a script which parses the syslog-ng logs across all the servers, filters them, and then sends and email with a summary and unusual logs. Each time I got an email I would get, on average, ~200-500 log messages of SELinux errors and...

sag47

Senior Member

Posted in SELinux Adventures

Views 11034 Comments 1 sag47 is offline

Enter your password SUCKER! ;-) (a simple demo)

Posted 05-31-2012 at 10:38 PM by rainbowsally

Tags computer mad science, normal users, security

Enter your password SUCKER!

;-)

Features:

Installer uninstaller in a simple clickable (or at least it should be clickable) script. (You can try setting the file associations these to run scripts with kde-open, xdg-open, gnome-open, ... or try the shell-exec app at this blog.)
Fun. But is it practical? Maybe, and maybe not. It depends on if you already knew how risky handing control of parts of your system to strangers can be.

Question: Who are they protecting...

rainbowsally

Member

Posted in Uncategorized

Views 1255 Comments 0 rainbowsally is offline

SELinux and sshd

Posted 01-02-2012 at 04:55 PM by sag47
Updated 08-05-2012 at 12:58 AM by sag47

Tags security, selinux, ssh

So I've started using the new Fedora 16 on my main media server (previously F14) and decided to try something new this time. I've always set SELinux to permissive which is a bad idea normally for anything public (which this server isn't but I still want it). Anyway I believe I was testing something before I left for the holidays and ran

Code:

setenforce 0

which disables SELinux. I guess at some point it turned back on somehow and I was locked out of ssh. I dug through my logs (/var/log/messages,...

sag47

Senior Member

Posted in SELinux Adventures

Views 12709 Comments 1 sag47 is offline

SELinux and Apache ProxyPass

Posted 12-07-2011 at 12:39 PM by sag47
Updated 08-05-2012 at 12:58 AM by sag47

Tags httpd, security, selinux

Today I was having trouble getting a httpd ProxyPass and ProxyPassReverse to work. As a background I'm working in RedHat Enterprise Linux 6.1. It took me a while to figure out what was wrong (longer than it should have) and as it turns out it worked after I disabled SELinux. So my configs were correct in /etc/httpd/conf.d/* and it passed all config tests. I'm sure you don't want to read a whole post of talking so I'll just get right into the grit of the commands. For the rest of the explanation...

sag47

Senior Member

Posted in SELinux Adventures

Views 13612 Comments 0 sag47 is offline

Limiting and blocking connections dynamically.

Posted 10-31-2011 at 03:46 PM by sag47
Updated 01-29-2014 at 11:14 AM by sag47

Tags fail2ban, iptables, security, selinux

Today I feel like talking about limiting connections which get made to a server. There are a few ways to do it; some cooler than others. I'd like to feature some open source software while I'm at it.

Today I happened upon this thread which hilariously got closed for good reason. Once you wade through all the crap you'll see some pretty cool posts which explain how to limit incoming connections within a certain time period and other suggestions. I'll point out the most useful related...

sag47

Senior Member

Posted in Uncategorized

Views 2619 Comments 0 sag47 is offline

Page 3 of 7

Last »