Quote:
Originally Posted by toma20082010
Hey there,
I wanted to ask you if anyone could recommend a Scientific Linux security package.
|
...not directly, but...
Quote:
Originally Posted by toma20082010
I know there is a default security package in Linux
|
I don't know exactly what you mean by this (the idea that Linux is more secure than some other systems by default, something in particular, like iptables, SELinux...); please try to give more detail.
Quote:
Originally Posted by tekhead2
I still use the Bastille Linux script sometimes; it's older, but it still helps to automate a lot of the tasks I am too lazy to do.
|
The important thing with 'hardening' scripts or procedures like this is knowing what is relevant to your situation that they don't do. Yes, they do a lot of useful stuff and with close to zero effort they may well do 80% of what you want in some particular situation, but if that then gives you a false sense of security that leads you to ignore the other 20%, then it is not such a good deal.
So you still have to understand the threats and take measures to cope with each of them and if you think that you can 'lazy' your way out of that with a script, then that is self-deception. (And, by the way, I used to like Bastille, too. Not sure what the recent state of development of Bastille is, though. Next time, I intend to look at GNU Tiger, to see what that does, but haven't yet had the excuse.)
Quote:
Originally Posted by toma20082010
I know there is a default security package in Linux, but I want anyone who has experience in this topic to recommend any other packages to me, and if I can activate this default package and the non-default package together.
|
For that, we'd have to know exactly what you mean by the default. But these things tend to be modular, and there shouldn't really be any problem using more than one security package, provided that they don't run two programs for the exact same thing. You wouldn't want to run two (real) firewalls on one box, for example (but, then you wouldn't even try to run iptables twice, would you?). But running iptables and SELinux - good, even if you take the step of describing SELinux as an application firewall.
Quote:
Originally Posted by toma20082010
I have a cluster and I want to protect my network and my machines from catching any outside world bugs.
|
It sounds as though this is something like a compute cluster, and you could firewall off your cluster from the outside world (ie, allow the outside world to start no connections to the cluster, and only allow the cluster to get anything from the outside world under the tightest of restrictions). If that's the case, the concern about nasty people in the outside world doing nasty things goes down considerably.
Note that no hardening script will know whether it is appropriate to your circumstances and architecture to wall off the cluster from the outside world, so, ultimately, you have to sort that out yourself, rather than the script sorting it out for you.
Contrariwise, if that is the case, you can't ignore the inside (ie, your users dragging in bad stuff and putting it on to your cluster), and you may be being too casual about that aspect. Or not. Just don't say 'My users are infinitely trustworthy (both failures of competence and active malevolence), I don't ever have to worry about that' because, at least some of the time, that won't actually be true.
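The walled-off cluster described in the reply above, as an added example that is not part of the original post: a shell function that prints a per-node ruleset in iptables-restore format. The function name, the choice of TCP-only egress, the log prefix and all addresses used with it are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Prints a per-node ruleset in
# iptables-restore format; every address used with it here is constructed.
# Usage: gen_cluster_rules CLUSTER_CIDR "host:port [host:port ...]"
gen_cluster_rules() {
    cluster_cidr=$1
    egress_allow=$2
    # Validate the whole egress list first so a bad entry never yields a
    # half-written ruleset.
    for dest in $egress_allow; do
        case $dest in
            *:*) ;;
            *) echo "expected host:port, got '$dest'" >&2; return 1 ;;
        esac
        case ${dest##*:} in
            ''|*[!0-9]*) echo "bad port in '$dest'" >&2; return 1 ;;
        esac
    done
    cat <<EOF
*filter
# Default deny in every direction; only the rules below open anything.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Replies to connections this node opened; the outside cannot start one.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Node-to-node traffic. This trusts the whole subnet, so it does nothing
# about users bringing bad things onto the cluster from the inside.
-A INPUT -s $cluster_cidr -j ACCEPT
-A OUTPUT -d $cluster_cidr -j ACCEPT
EOF
    # New outbound connections only to the listed destinations (TCP).
    for dest in $egress_allow; do
        printf '%s\n' "-A OUTPUT -p tcp -d ${dest%:*} --dport ${dest##*:} -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Log what falls through so blocked attempts are visible, then commit.
    printf '%s\n' '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "cluster-in-drop: "' 'COMMIT'
}
```

Piping the output into `iptables-restore --test` as root parses the ruleset without committing it, for example with the constructed arguments `10.20.0.0/24 "192.0.2.10:443"`.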