LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices


Reply
  Search this Thread
Old 04-18-2008, 08:24 AM   #1
windowsnot
LQ Newbie
 
Registered: Apr 2008
Location: Boston, MA
Distribution: RHEL4, Fedora 6,7, CentOS 4
Posts: 4

Rep: Reputation: 0
What are the security differencs between RHEL4 and RHEL5?


Good Morning Everyone,

Does anyone know the security differencs between RHEL4 and RHEL5?

thank you.

-windowsnot
 
Old 04-18-2008, 08:55 AM   #2
blacky_5251
Member
 
Registered: Oct 2004
Location: Adelaide Hills, South Australia
Distribution: RHEL 5&6 CentOS 5, 6 & 7
Posts: 573

Rep: Reputation: 61
That's a hard question to answer. Two things come to mind:-
  • Disk encryption with LUKS
  • SELinux - MCS & MLS
SELinux is generally improved (to the point you can use it).

Are you concerned about anything specifically?
 
Old 04-18-2008, 12:24 PM   #3
windowsnot
LQ Newbie
 
Registered: Apr 2008
Location: Boston, MA
Distribution: RHEL4, Fedora 6,7, CentOS 4
Posts: 4

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by blacky_5251 View Post
That's a hard question to answer. Two things come to mind:-
  • Disk encryption with LUKS
  • SELinux - MCS & MLS
SELinux is generally improved (to the point you can use it).

Are you concerned about anything specifically?
Thanks for the feedback...

Yes...I am more concerned with things like auditd, faillog, security relevant objects. Are they still the same in RHEL5 Has any new software been added to RHEL5 that can be considered security hazard?

My current job requires that a version of OS that has never been installed be pre-approved by our security team before it can be loaded on a system...
the IS security team would like to know what the significant differences in security are from RHEL4 to RHEL5. Of course I can't tell them because I can't load it on a system until it is approved...

They have sent me on a goose chase to find out what the differences are and present them the details so that we can officially used RHEL5 for production use...
 
Old 04-18-2008, 12:33 PM   #4
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 475Reputation: 475Reputation: 475Reputation: 475Reputation: 475
The best way to answer that is to look at the changelogs, they will tell you what is different between the 2 versions and to which version packages are at. Though frankly I would have thought that assessing security is part of the security team's remit not yours...?
 
Old 04-18-2008, 12:51 PM   #5
windowsnot
LQ Newbie
 
Registered: Apr 2008
Location: Boston, MA
Distribution: RHEL4, Fedora 6,7, CentOS 4
Posts: 4

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by XavierP View Post
The best way to answer that is to look at the changelogs, they will tell you what is different between the 2 versions and to which version packages are at. Though frankly I would have thought that assessing security is part of the security team's remit not yours...?
You have hit the nail right on the head my friend...
but it is one of those things that you can't argue with...

Thanks for the info I will check that out...
 
Old 04-23-2008, 10:08 AM   #6
willc
LQ Newbie
 
Registered: Apr 2008
Posts: 4

Rep: Reputation: 0
This may not explain the difference between RH4 and RH5 too well, but it may give you a little ammunition to make the case for 5.

From the RHEL 5 Features page:
Quote:
Security
* SELinux enhancements include Multi-Level Security and targeted policies for all services
* SEtroubleshooter GUI simplifies SELinux management
* Integrated directory and security capabilities
* IPSEC enhancements improve security and performance
* ExecShield enhancements, such as a call frame Canary word, strengthen hacker defenses
* New Audit features provide powerful new search/reporting and real-time monitoring
This page regarding RH Certifications and Accreditations explains how much attention they put into meeting the various security requirements of state/federal IT security regulations.

Hope that helps!
 
Old 04-23-2008, 03:21 PM   #7
dasy2k1
Member
 
Registered: Oct 2005
Location: 127.0.0.1
Distribution: Manjaro
Posts: 963

Rep: Reputation: 35
would it not be better for them to install it one one non-production fully isolated test bed and then thoroughly asses that,
 
Old 07-18-2008, 01:47 AM   #8
hardcorelinux
Member
 
Registered: Jan 2005
Location: India
Distribution: RHEL,CentOS,SUSE,Solaris10
Posts: 183

Rep: Reputation: 31
Quote:
Originally Posted by windowsnot View Post
Thanks for the feedback...

Yes...I am more concerned with things like auditd, faillog, security relevant objects. Are they still the same in RHEL5 Has any new software been added to RHEL5 that can be considered security hazard?
Multilevel security implementation for SELinux (2.6.12)

Audit subsystem

support for process-context based filtering (2.6.17)

more filter rule comparators (2.6.17)


TCP/UDP getpeercon: enabled security-aware applications to retrieve the entire security context of a process on the other side of a socket using an IPSec security association. If only MLS-level information is needed or interoperability with legacy unix system is required, NetLabel can be used in place of IPSec.
 
Old 07-18-2008, 05:04 PM   #9
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
I'm moving this to Red Hat, as it's a 100% distro-specific question.

I'll leave a redirect in Security for a few days.
 
Old 07-19-2008, 01:54 PM   #10
cmnorton
Member
 
Registered: Feb 2005
Distribution: Ubuntu, CentOS
Posts: 585

Rep: Reputation: 35
MySQL 5

You get the latest version of MySQL, instead of purchasing it in an application stack add-on.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
RHEL4 vs RHEL5 new database servers dfezz1 Linux - Enterprise 1 03-05-2008 12:08 PM
Differences of DNS on RHEL4 & RHEL5 shinoj Linux - Newbie 2 01-06-2008 10:25 AM
why rhel4 samba "user security" setting diffrence with rhel5? hocheetiong Linux - Newbie 0 12-21-2007 01:31 AM
how to uninstall rhel4 &rhel5 O/S jagadeesh.nagireddy Linux - Enterprise 2 10-17-2007 09:53 PM
Rhel4/ Rhel5 rehan999 Linux - Software 2 09-01-2007 12:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat

All times are GMT -5. The time now is 04:30 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration