Scientific Linux 6 security package
Hey there,
I wanted to ask if anyone could recommend a Scientific Linux security package. I know there is a default security package in Linux, but I would like anyone who has experience in this topic to recommend any other packages to me. Also, can I activate this default package and the non-default package together? I have a cluster and I want to protect my network and my machines from catching any outside world bugs. So can anyone help me on this? :) Thanks
Scientific Linux comes with SELinux enabled, if I'm not mistaken. As far as security concerns in a clustered environment, there aren't any special security applications that I'm aware of. There are always host-based security packages that check for rootkits, like chkrootkit and rkhunter, as well as general configuration helps. I still use the Bastille Linux script sometimes; it's older but it still helps to automate a lot of the tasks I am too lazy to do. What type of "outside world bugs" are you concerned about? If you're concerned about network worms and other types of trojans, they don't officially exist on Linux. There are rootkits and exploits, and you can mitigate the risks of those by always using signed packages from a trusted repository, keeping your machine up to date and disabling unneeded services. If you're concerned about firewalls which block network attacks, Scientific Linux should have a config tool to set the security level. Try running this as the root user from the terminal: "system-config-securitylevel-tui". This should start the firewall config tool. Other than that, just be vigilant with your logs and, if possible, have the logging sent via syslog to another machine.
In other words (loosely speaking), MS wasn't really originally designed with security in mind, more for ease of use, so they started trying to bolt on security afterwards. Not the best approach.
Unix was more designed to have security built in, so most security is just a matter of tweaking the settings of what you've got. As above, SELinux should already be there. You can add chkrootkit, rkhunter. Read the stickies at the top of this Security forum and apply the advice. Do ask if you have more specific questions.
Unless you have some custom-built program that might be busted by an update, install the normal updates. There are not many.
Just read the list to make 100% sure that they will not be in conflict with any custom software. As to security, set SELinux to enforcing and targeted (the install DEFAULT), make sure that SELinuxTroubleShooter is running, and solve any warnings. Those are the normal everyday things. Now, if you wear a tin foil hat there are other things, but unless you are the CIA or NSA (FBI is using Windows) that is mostly it.
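Added example (not part of any post in this thread): a shell script that checks three of the settings recommended in the replies above, namely SELinux set to enforcing and targeted, yum repositories that turn package signature checking off, and a syslog rule that forwards to another machine. It assumes rsyslog's legacy `@host` / `@@host` forwarding syntax and the usual file locations named in the comments; the sample files, repo names and host names are constructed.

```shell
#!/bin/sh
# Added example: checks for the settings advised in the thread. Each function
# takes a file path, so it runs against the live files or against copies.

# Print the value of KEY=value from a config file (last assignment wins).
conf_value() {  # $1 = file, $2 = key
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$1" | tail -n 1
}

# Succeeds only for SELINUX=enforcing together with SELINUXTYPE=targeted.
selinux_ok() {  # $1 = /etc/selinux/config
    [ "$(conf_value "$1" SELINUX)" = enforcing ] &&
        [ "$(conf_value "$1" SELINUXTYPE)" = targeted ]
}

# Print each repo section of a yum .repo file that disables signature checks.
unsigned_repos() {  # $1 = file under /etc/yum.repos.d
    awk -F= '/^\[/ { sect = $1 }
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v) }
        k == "gpgcheck" && v == "0" { print sect }' "$1"
}

# Succeeds if a non-comment rule forwards to a remote host (@ = UDP, @@ = TCP).
remote_syslog_ok() {  # $1 = /etc/rsyslog.conf
    grep -Eq '^[^#]*[[:space:]]@@?[A-Za-z0-9]' "$1"
}

# Constructed sample files (not taken from a real host) to exercise the checks.
SAMPLE=$(mktemp -d)
printf 'SELINUX=permissive\nSELINUXTYPE=targeted\n' > "$SAMPLE/selinux"
printf '[sl]\ngpgcheck=1\n[local-tools]\ngpgcheck = 0\n' > "$SAMPLE/repo"
printf '#*.* @@old-host:514\n*.* @@loghost.example:514\n' > "$SAMPLE/rsyslog"

selinux_ok "$SAMPLE/selinux" || echo "SELinux is not enforcing/targeted"
for r in $(unsigned_repos "$SAMPLE/repo"); do echo "gpgcheck disabled in $r"; done
remote_syslog_ok "$SAMPLE/rsyslog" || echo "no remote syslog forwarding rule"
```

On a real host, pass `/etc/selinux/config`, each file under `/etc/yum.repos.d/` and `/etc/rsyslog.conf` to the three functions instead of the sample files.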
So you still have to understand the threats and take measures to cope with each of them and if you think that you can 'lazy' your way out of that with a script, then that is self-deception. (And, by the way, I used to like Bastille, too. Not sure what the recent state of development of Bastille is, though. Next time, I intend to look at GNU Tiger, to see what that does, but haven't yet had the excuse.)
Note that no hardening script will know whether it is appropriate to your circumstances and architecture to wall off the cluster from the outside world, so, ultimately, you have to sort that out yourself, rather than the script sorting it out for you. Contrariwise, if that is the case, you can't ignore the inside (i.e., your users dragging in bad stuff and putting it on to your cluster), and you may be being too casual about that aspect. Or not. Just don't say 'My users are infinitely trustworthy (both failures of competence and active malevolence), I don't ever have to worry about that' because, at least some of the time, that won't actually be true.