LinuxQuestions.org
Old 12-02-2002, 11:22 AM   #1
jetfreggel
Member
 
Registered: May 2002
Posts: 172

Rep: Reputation: 30
minimum system for security


Hi there,

I have a question about building your minimum system for a firewall
and router, and I heard about SmoothWall,
but I want to build my own.

Could someone give me some pointers on how to achieve this?

I've got a test system for trying this out.

Any response would be kind.
 
Old 12-02-2002, 11:45 AM   #2
FredrikN
Member
 
Registered: Nov 2001
Location: Sweden
Distribution: GNU/Linux since -97
Posts: 149

Rep: Reputation: 15
Well, here is a short tip
Download the newest Debian release (because it's easy to upgrade and it's very stable).

Then only install the most necessary packets; it will take 70-80 MB if I remember it correctly.

Then install FCheck and patch the kernel with Grsecurity, and then you should be safe.

Any questions?

Last edited by FredrikN; 12-02-2002 at 12:01 PM.
 
Old 12-02-2002, 12:27 PM   #3
jetfreggel
Member
 
Registered: May 2002
Posts: 172

Original Poster
Rep: Reputation: 30
Thx for the reply. I should mention that I use Red Hat 8.0.
Do you know if there is much difference with Red Hat?
I am trying with Red Hat as I am speaking, removing all packages I think I don't
need,
and with iptables,
but later this week I will give Debian a shot.

Thx again for the reply.

Another question: I want to make a script for checking if files have been altered, and I want to put it in a database. Is this possible?
 
Old 12-02-2002, 04:33 PM   #4
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
Check AIDE or Tripwire. These systems are proven to work and do file integrity checking.

Debian is not necessarily more secure than any other distribution. Any distribution can be secure ... it just depends on how secure the admin makes it!
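
Added example, not part of any post in this thread: the kind of script asked about in post #3 (checking whether files have been altered, with the results kept in a database), written in Python with SQLite. It shows the baseline-and-compare idea that AIDE and Tripwire are built on and is not their code; the function names and the sample file names are constructed for the demo.

```python
import hashlib
import os
import sqlite3
import tempfile
from pathlib import Path

def file_record(path):
    """SHA-256 plus the metadata an integrity checker typically tracks."""
    st = os.lstat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest(), st.st_mode, st.st_uid, st.st_gid, st.st_size

def regular_files(root):
    for dirpath, _dirs, names in os.walk(root):  # does not follow symlinked dirs
        for name in names:
            path = os.path.join(dirpath, name)
            if os.path.isfile(path) and not os.path.islink(path):
                yield path

def init_baseline(db, root):
    db.execute("CREATE TABLE IF NOT EXISTS baseline (path TEXT PRIMARY KEY, "
               "sha256 TEXT, mode INT, uid INT, gid INT, size INT)")
    db.execute("DELETE FROM baseline")
    db.executemany("INSERT INTO baseline VALUES (?,?,?,?,?,?)",
                   [(p, *file_record(p)) for p in regular_files(root)])
    db.commit()

def check(db, root):
    """Return files added, removed or changed since the baseline."""
    known = {row[0]: tuple(row[1:]) for row in db.execute("SELECT * FROM baseline")}
    now = {p: file_record(p) for p in regular_files(root)}
    return {"added": sorted(now.keys() - known.keys()),
            "removed": sorted(known.keys() - now.keys()),
            "changed": sorted(p for p in now.keys() & known.keys() if now[p] != known[p])}

def demo():
    """Constructed sample tree; keep a real baseline DB on read-only media."""
    with tempfile.TemporaryDirectory() as tmp:
        for name in ("sshd_config", "rc.firewall", "motd"):
            Path(tmp, name).write_text("original\n")
        db = sqlite3.connect(":memory:")
        init_baseline(db, tmp)
        Path(tmp, "sshd_config").write_text("edited\n")  # content change
        Path(tmp, "rc.firewall").chmod(0o755)            # metadata-only change
        Path(tmp, "motd").unlink()                       # removal
        Path(tmp, "dropped.bin").write_text("")          # new file
        return {k: [os.path.basename(p) for p in v] for k, v in check(db, tmp).items()}
```

The baseline is only as trustworthy as its storage: if the database sits on the machine being checked, anyone who can alter the files can also alter the recorded hashes.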
 
Old 12-02-2002, 04:37 PM   #5
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
You might be interested in Securing Linux Servers for Service Providers, a pretty useful document when it comes to security!
 
Old 12-03-2002, 11:08 AM   #6
jetfreggel
Member
 
Registered: May 2002
Posts: 172

Original Poster
Rep: Reputation: 30
Thx for the replies.
I've been reading that PDF
and there are very useful tips in there.

I've still got a few questions:

Is Linux Bastille as useful for learning security issues
if you're a security newbie?

And is it possible to make your own Linux distro
with a kernel and various other things
and make that run, or do you have to know a lot of
C programming (which I am learning as we speak)?

Thx again for the replies and the link.
 
Old 12-03-2002, 04:57 PM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
If you're bent on making your own LFS-type fw/rtr and you want to make it spiffy, then IMO you gotta make sure you know the basic networking and security stuff. I'll post some refs below.

Next I'd take a few router specific distro's and rip 'em apart to see what makes 'em tick, rip the best bits and features and then build your own. Intermediate level knowledge of Linux and programming will come in handy.

Basic references:
- AUSCERT UNIX Computer Security Checklist (Version 1.1) www.cert.org/tech_tips/AUSCERT_checklist1.1
- Steps for Recovering from a UNIX or NT System Compromise www.cert.org/tech_tips/root_compromise.html
In fact read the whole of http://www.cert.org/tech_tips/
- The CIT Computer Security Handbook: www.cit.nih.gov/security/handbook.html
- Aging stuff from Phrack, good to read back to be sure, like "Unix System Security Issues" www.fc.net/phrack/files/p18/p18-7.html
- SEI stuff like www.sei.cmu.edu/publications/lists.html handling IDS
- Intrusion Detection and Network Auditing on the Internet www.infosyssec.net/infosyssec/intdet1.htm

Top it off with some reading material on security:
- Security tips: www.cert.org/tech_tips/ and www.cert.org/security-improvement/, http://www.securityportal.com/resear...xsecurity.html
- Top ten vulnerabilities: www.sans.org/topten.htm and http://www.cert.org/present/cert-ove...ends/index.htm
- Firewalling: www.infosyssec.net/infosyssec/firew1.htm, www.linux-firewall-tools.com/linux/
- Securing Xwindows: http://www.uwsg.indiana.edu/usail/ex...d/xsecure.html

Basic Linux references:
- The SANS Reading room: Linux issues (used Google's cache): http://www.sans.org/infosecFAQ/linux/linux_list.htm,
- the LASG or Linux Administrator's Security Guide,
- Securing Optimizing Linux RH Edition(1),
- Linux Security HOWTO,
- Linuxsecurity.com have a Quickreference pdf card,
- Post-Installation Security Procedures (Linuxjournal),
- Security Quick-Start HOWTO for Linux,
- The Linux-PAM System Administrators' Guide
- Armoring Linux,
- A Short Course on Systems Administration and Security Under Unix(1)
- SAG: The Linux System Administrator's Guide,
- Basics on firewalling: www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
- Basic introduction to building ipchains rules: www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
- Explanation of the Ipchains logformat: logi.cc/linux/ipchains-log-format.php3
- Ipchains log decoder: dsl081-056-052.dsl-isp.net/dmn/decoder/decode.php
- The Iptables HOW-TO: http://people.unix-fu.org/andreasson/index.html
- LQ notes on Linksys security: http://www.linuxquestions.org/questi...007#post157007
- The Unix Auditor's Practical Handbook: http://www.nii.co.in/tuaph.html,
Neohapsis archives: http://www.neohapsis.com
Linux Gazette: http://www.linuxgazette.com
Experts exchange: http://www.experts-exchange.com
Linuxsecurity.com, SecurityFocus.com
Matt's Unix Security Page: http://www.deter.com/unix/
E-secure-db Security Information database: http://www.e-secure-db.us/dscgi/ds.p...ollection-1586
eBCVG.com's security portal: http://www.ebcvg.com/info.php
Jay Beale's docs (Bastille-linux/CIS): http://www.bastille-linux.org/jay/se...icles-jjb.html
Snort: IDS Installation with Mandrake 8.2, Snort, Webmin, Roxen Webserver, ACID, MySQL: http://www.linux-tip.net/workshop/id.../ids-snort.htm
Snort: Database support FAQ: http://www.incident.org/snortdb/

Or, if ure just cruisin for links, try n read something else, search/visit these places/ppl that mean something: Sans, CERT, AUSCERT, Lance Spitz, dugsong, loki, Robert Graham, Dave Dittrich, Wietse Venema, Fyodor, Mixter, CHU and Immortal Descendants, Monark to name but a few.

A combination of Protocols & services is in the Linux Network Administrators Guide (NAG)
Else there's more brainfood at
Uri's TCP resource list: www.private.org.il/tcpip_rl.html,
Daryl's TCP/IP primer: www.tcpipprimer.com,
Teach Yourself TCP IP in 14 Days: www.sivik.org/Books/Teach Yourself TCP IP in 14 Days/
Macmillan's "Maximum Security".

A word on O'Reilly's TCP/IP Network Administration.
O'Reilly has a myriad of books of which, unfortunately for them, some can also be found online, just search for "O'reilly and bookshelf", "o'reilly reference bookshelf" or "o'reilly cd bookshelf" :-]

Netfilter+Iptables HOWTO:
LQ search: iptables+howto,
Linuxguruz.org,
Netfilter.org Packetfiltering HOWTO,
Linuxsecurity.com Iptables tutorial,
Andreasson's Iptables tutorial,
Iptables Connection tracking.

Ipchains HOWTO:
TLDP Ipchains HOWTO,
Flounder.net Ipchains HOWTO.

Other resources/misc stuff:
FAQ: Firewall Forensics (What am I seeing?),
Linux Firewall and Security Site,
Auditing Your Firewall Setup (old, still useful),
TLDP: Firewall Piercing mini-HOWTO,
Something called the "Home PC Firewall Guide",
Vendor/Ethernet MAC Address Lookup,
Netfilter Iptables/Ipchains Log Format,
Dshield (find out if IP was marked as used in attacks),
(Snort) Port search,
Neohapsis Port search,
(IPMasq) P2P ports,
Infosyssec's Firewall Security and the Internet (badly updated site).

Nil volentibus arduum or "keep your eye on the money",
as it could be translated in these modern times...

HTH
 
Old 12-04-2002, 01:43 AM   #8
FredrikN
Member
 
Registered: Nov 2001
Location: Sweden
Distribution: GNU/Linux since -97
Posts: 149

Rep: Reputation: 15
Heheh, way to go unSpawn :-)

Great sites

Last edited by FredrikN; 12-04-2002 at 02:51 AM.
 
Old 12-04-2002, 10:09 AM   #9
jetfreggel
Member
 
Registered: May 2002
Posts: 172

Original Poster
Rep: Reputation: 30
Thx for the major supply of links (again).

I'll think I'm way over my head here.

I'll first finish my C programming course and hobby a year or so

and read your fountain of knowledge

and then in the end give it a try.



thx again
 
Old 12-04-2002, 12:33 PM   #10
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
FredrikN: naw, it's just a small reference list. Gets posted approx. each month when I see fit. Good additions are welcome as usual.

jetfreggel: "I'll think I'm way over my head here"
Graft yer basic Yoda-speak onto old wisdom and you prolly end up with something like "being, one step, of a journey, the start".
It's still right tho. Don't try to swamp yourself in stuff.
 
Old 12-04-2002, 12:51 PM   #11
jetfreggel
Member
 
Registered: May 2002
Posts: 172

Original Poster
Rep: Reputation: 30
Hey unSpawn,
is this the start, or is there still more, or is that advanced stuff?

(But I already made a start.)
Thx again.
Am I speaking Yoda-speak?????
 
Old 12-05-2002, 02:55 AM   #12
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Uh. Ok. I remember now.
Btw, what advanced stuff are you talking about?

Btw[1] about Yoda-speak, just leave it be. Yoda-speak best left in dark damp corners of remote swamp or frozen on Toth's plains...
 
Old 12-05-2002, 10:55 AM   #13
jetfreggel
Member
 
Registered: May 2002
Posts: 172

Original Poster
Rep: Reputation: 30
I thought like how cryptology and logarithms work and that sort of stuff (mathematical).

But I am not interested now; let me first walk this path and learn
to understand C, and
then if I am not too old or dead then I want to know maybe more
about that.

Thx again for your reply.
 
  

