Can anyone recommend a hardened CentOS distro?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-01-2008, 08:40 PM
John R Pierce
Hardened ver of CentOS?
Rogelio wrote:
Can anyone recommend a hardened CentOS distro?
CentOS /is/ a distro, there is only one centos 'distribution'.
centos configured with selinux enabled, appropriate firewall rules, and
the minimum number of services required for your application should be
fairly 'hardened' as-is.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-01-2008, 08:47 PM
"Filipe Brandenburger"
Hardened ver of CentOS?
NSA guides on hardening RHEL5. Should be applicable to CentOS5 as well.
http://www.nsa.gov/snac/downloads_redhat.cfm?MenuID=scg10.3.1.1
I read about this on /. some weeks ago, but I just skimmed through it,
so I can't say how effective I think it is. I thought it would be
useful to point to it on list though.
HTH,
Filipe
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-02-2008, 12:51 PM
Rogelio
Hardened ver of CentOS?
John R Pierce wrote:
CentOS /is/ a distro, there is only one centos 'distribution'.
centos configured with selinux enabled, appropriate firewall rules, and
the minimum number of services required for your application should be
fairly 'hardened' as-is.
Understood. I meant CentOS-based, but I suppose the "best" way is to
just roll something myself.
I was hoping to find a nice list HOWTO or script that someone else was
using so I wouldn't have to think through everything from scratch.
Thanks.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-02-2008, 01:23 PM
"Plant, Dean"
Hardened ver of CentOS?
Rogelio wrote:
> John R Pierce wrote:
>> CentOS /is/ a distro, there is only one centos 'distribution'.
>> centos configured with selinux enabled, appropriate firewall rules,
>> and the minimum number of services required for your application
>> should be fairly 'hardened' as-is.
>
> Understood. I meant CentOS-based, but I suppose the "best" way is to
> just roll something myself.
>
> I was hoping to find a nice list HOWTO or script that someone else was
> using so I wouldn't have to think through everything from scratch.
>
Have you looked at Bastille Linux?
http://bastille-linux.sourceforge.net/
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-02-2008, 02:44 PM
Ned Slider
Hardened ver of CentOS?
Rogelio wrote:
John R Pierce wrote:
CentOS /is/ a distro, there is only one centos 'distribution'.
centos configured with selinux enabled, appropriate firewall rules,
and the minimum number of services required for your application
should be fairly 'hardened' as-is.
Understood. I meant CentOS-based, but I suppose the "best" way is to
just roll something myself.
I was hoping to find a nice list HOWTO or script that someone else was
using so I wouldn't have to think through everything from scratch.
Thanks.
There are some guides around, for example:
http://www.puschitz.com/SecuringLinux.shtml
However security is not a one size fits all solution that can be applied
off the shelf. You need to assess where *your* risks are and what you
should do to minimize them.
Hope that helps.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-02-2008, 03:20 PM
"Tom Bishop"
Hardened ver of CentOS?
I have used this on my server http://bastille-linux.sourceforge.net/ ...
On Mon, Jun 2, 2008 at 9:44 AM, Ned Slider <ned@unixmail.co.uk> wrote:
Rogelio wrote:
John R Pierce wrote:
CentOS /is/ a distro, *there is only one centos 'distribution'. * * *centos configured with selinux enabled, appropriate firewall rules, and the minimum number of services required for your application should be fairly 'hardened' as-is.
Understood. *I meant CentOS-based, but I suppose the "best" way is to just roll something myself.
I was hoping to find a nice list HOWTO or script that someone else was using so I wouldn't have to think through everything from scratch.
Thanks.
There are some guides around, for example:
http://www.puschitz.com/SecuringLinux.shtml
However security is not a one size fits all solution that can be applied off the shelf. You need to assess where *your* risks are and what you should do to minimize them.
Hope that helps.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-02-2008, 07:04 PM
John Thomas
Hardened ver of CentOS?
Rogelio wrote:
Can anyone recommend a hardened CentOS distro?
Perhaps you can find a Viagra RPM <ducks>
Okay, I'll shut up.
--
Sincerely,
John Thomas
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
06-03-2008, 01:42 AM
William Warren
Hardened ver of CentOS?
John Thomas wrote:
Rogelio wrote:
Can anyone recommend a hardened CentOS distro?
Perhaps you can find a Viagra RPM <ducks>
ROFL!!!!
--
Registered Microsoft Partner
My "Foundation" verse:
Isa 54:17
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Hardened ver of CentOS?
