FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 06-01-2008, 07:53 PM
Rogelio
 
Default Hardened ver of CentOS?

Can anyone recommend a hardened CentOS distro?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-01-2008, 08:40 PM
John R Pierce
 
Default Hardened ver of CentOS?

Rogelio wrote:

Can anyone recommend a hardened CentOS distro?


CentOS /is/ a distro, there is only one centos 'distribution'.
centos configured with selinux enabled, appropriate firewall rules, and
the minimum number of services required for your application should be
fairly 'hardened' as-is.



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-01-2008, 08:47 PM
"Filipe Brandenburger"
 
Default Hardened ver of CentOS?

NSA guides on hardening RHEL5. Should be applicable to CentOS5 as well.
http://www.nsa.gov/snac/downloads_redhat.cfm?MenuID=scg10.3.1.1

I read about this on /. some weeks ago, but I just skimmed through it,
so I can't say how effective I think it is. I thought it would be
useful to point to it on list though.

HTH,
Filipe
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-02-2008, 12:51 PM
Rogelio
 
Default Hardened ver of CentOS?

John R Pierce wrote:
CentOS /is/ a distro, there is only one centos 'distribution'.
centos configured with selinux enabled, appropriate firewall rules, and
the minimum number of services required for your application should be
fairly 'hardened' as-is.


Understood. I meant CentOS-based, but I suppose the "best" way is to
just roll something myself.


I was hoping to find a nice list HOWTO or script that someone else was
using so I wouldn't have to think through everything from scratch.


Thanks.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-02-2008, 01:23 PM
"Plant, Dean"
 
Default Hardened ver of CentOS?

Rogelio wrote:
> John R Pierce wrote:
>> CentOS /is/ a distro, there is only one centos 'distribution'.
>> centos configured with selinux enabled, appropriate firewall rules,
>> and the minimum number of services required for your application
>> should be fairly 'hardened' as-is.
>
> Understood. I meant CentOS-based, but I suppose the "best" way is to
> just roll something myself.
>
> I was hoping to find a nice list HOWTO or script that someone else was
> using so I wouldn't have to think through everything from scratch.
>

Have you looked at Bastille Linux?

http://bastille-linux.sourceforge.net/
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-02-2008, 02:44 PM
Ned Slider
 
Default Hardened ver of CentOS?

Rogelio wrote:

John R Pierce wrote:
CentOS /is/ a distro, there is only one centos 'distribution'.
centos configured with selinux enabled, appropriate firewall rules,
and the minimum number of services required for your application
should be fairly 'hardened' as-is.


Understood. I meant CentOS-based, but I suppose the "best" way is to
just roll something myself.


I was hoping to find a nice list HOWTO or script that someone else was
using so I wouldn't have to think through everything from scratch.


Thanks.



There are some guides around, for example:

http://www.puschitz.com/SecuringLinux.shtml

However security is not a one size fits all solution that can be applied
off the shelf. You need to assess where *your* risks are and what you
should do to minimize them.


Hope that helps.

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-02-2008, 03:20 PM
"Tom Bishop"
 
Default Hardened ver of CentOS?

I have used this on my server http://bastille-linux.sourceforge.net/ ...

On Mon, Jun 2, 2008 at 9:44 AM, Ned Slider <ned@unixmail.co.uk> wrote:

Rogelio wrote:


John R Pierce wrote:


CentOS /is/ a distro, *there is only one centos 'distribution'. * * *centos configured with selinux enabled, appropriate firewall rules, and the minimum number of services required for your application should be fairly 'hardened' as-is.





Understood. *I meant CentOS-based, but I suppose the "best" way is to just roll something myself.



I was hoping to find a nice list HOWTO or script that someone else was using so I wouldn't have to think through everything from scratch.



Thanks.






There are some guides around, for example:



http://www.puschitz.com/SecuringLinux.shtml



However security is not a one size fits all solution that can be applied off the shelf. You need to assess where *your* risks are and what you should do to minimize them.



Hope that helps.



_______________________________________________

CentOS mailing list

CentOS@centos.org

http://lists.centos.org/mailman/listinfo/centos



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-02-2008, 07:04 PM
John Thomas
 
Default Hardened ver of CentOS?

Rogelio wrote:

Can anyone recommend a hardened CentOS distro?

Perhaps you can find a Viagra RPM <ducks>

Okay, I'll shut up.

--
Sincerely,
John Thomas
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-03-2008, 01:42 AM
William Warren
 
Default Hardened ver of CentOS?

John Thomas wrote:

Rogelio wrote:

Can anyone recommend a hardened CentOS distro?

Perhaps you can find a Viagra RPM <ducks>



ROFL!!!!

--
Registered Microsoft Partner

My "Foundation" verse:
Isa 54:17
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 02:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org