FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 11-21-2010, 09:35 AM
Klistvud
 
Default what to use besides selinux?

Dne, 21. 11. 2010 11:27:09 je Arthur Bela napisal(a):

I

apt-get install selinux

Ok. Reboot. So I'm better protected now, or i have to set a few
things?


I read that selinux is good for post-exploitation situations. What do
i have to google to search for solutions protecting me
"before-exploitations"?


*exploitations ~ intrusions, penetrations, sry4the english :P


Also: secure, securing, harden, hardening, lock-down

--
Cheerio,

Klistvud
http://bufferoverflow.tiddlyspot.com
Certifiable Loonix User #481801 Please reply to the list, not to
me.



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1290335718.29293.1@compax">http://lists.debian.org/1290335718.29293.1@compax
 
Old 11-21-2010, 12:23 PM
Camaleón
 
Default what to use besides selinux?

On Sun, 21 Nov 2010 11:27:09 +0100, Arthur Bela wrote:

> I
>
> apt-get install selinux
>
> Ok. Reboot. So I'm better protected now, or i have to set a few things?

Congrats. Now your "odessy" starts by here :-P

http://wiki.debian.org/SELinux

> I read that selinux is good for post-exploitation situations. What do i
> have to google to search for solutions protecting me
> "before-exploitations"?

http://www.debian.org/doc/manuals/securing-debian-howto/

But you should be more specific. What services are you running? are all
that services providing remote functionalities? Have you setup a
firewall, IPS, IDS...? What are your requirements (server, home,
workstation usage)?

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2010.11.21.13.23.22@gmail.com">http://lists.debian.org/pan.2010.11.21.13.23.22@gmail.com
 
Old 11-21-2010, 03:37 PM
Arthur Bela
 
Default what to use besides selinux?

just a normal desktop. [no server function on it]. on a plain notebook.

On 21 November 2010 14:23, Camaleón <noelamac@gmail.com> wrote:
> On Sun, 21 Nov 2010 11:27:09 +0100, Arthur Bela wrote:
>
>> I
>>
>> apt-get install selinux
>>
>> Ok. Reboot. So I'm better protected now, or i have to set a few things?
>
> Congrats. Now your "odessy" starts by here :-P
>
> http://wiki.debian.org/SELinux
>
>> I read that selinux is good for post-exploitation situations. What do i
>> have to google to search for solutions protecting me
>> "before-exploitations"?
>
> http://www.debian.org/doc/manuals/securing-debian-howto/
>
> But you should be more specific. What services are you running? are all
> that services providing remote functionalities? Have you setup a
> firewall, IPS, IDS...? What are your requirements (server, home,
> workstation usage)?
>
> Greetings,
>
> --
> Camaleón
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/pan.2010.11.21.13.23.22@gmail.com
>
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: AANLkTink+BxMTMsCMDADvD9-7FL7a9Yue59hOqaCgtSU@mail.gmail.com">http://lists.debian.org/AANLkTink+BxMTMsCMDADvD9-7FL7a9Yue59hOqaCgtSU@mail.gmail.com
 
Old 11-21-2010, 03:52 PM
Camaleón
 
Default what to use besides selinux?

On Sun, 21 Nov 2010 17:37:58 +0100, Arthur Bela wrote:

> On 21 November 2010 14:23, Camaleón wrote:

(...)

>> But you should be more specific. What services are you running? are all
>> that services providing remote functionalities? Have you setup a
>> firewall, IPS, IDS...? What are your requirements (server, home,
>> workstation usage)?

> just a normal desktop. [no server function on it]. on a plain notebook.

Then no need to worry about security. Well, _yes_, but no need to be
"paranoid" and installing and configuring SELinux for a desktop
environment is kinda overwhelming, IMO :-)

Keep your system updated with the latest security patches, don't install
packages from untrusted sources... and you're fine.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2010.11.21.16.52.11@gmail.com">http://lists.debian.org/pan.2010.11.21.16.52.11@gmail.com
 
Old 11-21-2010, 08:50 PM
"David C. Curtis"
 
Default what to use besides selinux?

On Sun, 2010-11-21 at 11:27 +0100, Arthur Bela wrote:
> I
>
> apt-get install selinux
>
> Ok. Reboot. So I'm better protected now, or i have to set a few things?
>
> I read that selinux is good for post-exploitation situations. What do
> i have to google to search for solutions protecting me
> "before-exploitations"?
>
>
> *exploitations ~ intrusions, penetrations, sry4the english :P


You may wish to read up on 'rootkit detection' and 'intrusion
detection'. There are a number of packages in the repos you may wish to
make use of for both. Some useful for single computer some for multiple
resources/network.






--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-22-2010, 11:21 PM
Mark
 
Default what to use besides selinux?

On Sun, Nov 21, 2010 at 1:50 PM, David C. Curtis
<dave.c.curtis@gmail.com> wrote:
> On Sun, 2010-11-21 at 11:27 +0100, Arthur Bela wrote:
>>
>> apt-get install selinux
>>
>> Ok. Reboot. So I'm better protected now, or i have to set a few things?
>>
>> I read that selinux is good for post-exploitation situations. What do
>> i have to google to search for solutions protecting me
>> "before-exploitations"?
>>
> You may wish to read up on 'rootkit detection' and 'intrusion
> detection'. There are a number of packages in the repos you may wish to
> make use of for both. Some useful for single computer some for multiple
> resources/network.
>
For my home machines (desktops and laptops) I routinely disable
selinux - the one time I ran with it all it did was annoy me with
warnings about things I didn't care about anyway. I hear it's good
for a network set up, but I would second David's recommendation to
read up on those subjects and further on selinux, too. Some people
swear by it, some swear by not it (so to speak).

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-23-2010, 08:40 AM
Oliver Grawert
 
Default what to use besides selinux?

Am Sonntag, den 21.11.2010, 11:27 +0100 schrieb Arthur Bela:
> I
>
> apt-get install selinux
>
> Ok. Reboot. So I'm better protected now, or i have to set a few things?
on an ubuntu system you should probably better go with apparmor than
selinux ...
see:
https://wiki.ubuntu.com/AppArmor
and
https://help.ubuntu.com/10.04/serverguide/C/apparmor.html

ciao
oli
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-23-2010, 10:54 AM
Markus Schönhaber
 
Default what to use besides selinux?

21.11.2010 11:27, Arthur Bela:

> apt-get install selinux
>
> Ok. Reboot. So I'm better protected now, or i have to set a few things?

Since I don't know much about the Ubuntu SELinux packages I can't answer
that question.
Just a general hint: the SELinux packages are in the universe
repository. After the completely fubar'ed[1] update of the Xen kernel
(also from universe) I had a conversation with one of the Ubuntu devs,
and he made it pretty clear that the one and only thing you really can
rely on wrt to universe packages is that you can rely on exactly nothing.
When you did
apt-get install selinux
you probably removed apparmor, which comes from the main repository. So
you exchanged a officially supported security framework for a community
supported one. Personally, that would make me feel the opposite of more
secure.

IMO, if you want to use Ubuntu, stick with apparmor. If you want to use
SELinux, switch to a distribution that really supports it.
And in both cases, make sure you don't get affected by risk
compensation. Just installing something and then thinking "now I'm
secure, nothing can happen to me anymore!" might prove to be the
greatest threat, eventually.

That said, it's up to you to decide, of course.

[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/620994

--
Regards
mks

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-23-2010, 02:55 PM
Arthur Bela
 
Default what to use besides selinux?

so you're advising me to use apparmor under ubuntu instead

wow :O

thank you for you're opinion! it was usefull :O

anyone else, regarding the $subject? :O

thank you!

2010/11/23 Markus Schönhaber <ubuntu-users@list-post.mks-mail.de>:
> 21.11.2010 11:27, Arthur Bela:
>
>> apt-get install selinux
>>
>> Ok. Reboot. So I'm better protected now, or i have to set a few things?
>
> Since I don't know much about the Ubuntu SELinux packages I can't answer
> that question.
> Just a general hint: the SELinux packages are in the universe
> repository. After the completely fubar'ed[1] update of the Xen kernel
> (also from universe) I had a conversation with one of the Ubuntu devs,
> and he made it pretty clear that the one and only thing you really can
> rely on wrt to universe packages is that you can rely on exactly nothing.
> When you did
> apt-get install selinux
> you probably removed apparmor, which comes from the main repository. So
> you exchanged a officially supported security framework for a community
> supported one. Personally, that would make me feel the opposite of more
> secure.
>
> IMO, if you want to use Ubuntu, stick with apparmor. If you want to use
> SELinux, switch to a distribution that really supports it.
> And in both cases, make sure you don't get affected by risk
> compensation. Just installing something and then thinking "now I'm
> secure, nothing can happen to me anymore!" might prove to be the
> greatest threat, eventually.
>
> That said, it's up to you to decide, of course.
>
> [1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/620994
>
> --
> Regards
> *mks
>
> --
> ubuntu-users mailing list
> ubuntu-users@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-23-2010, 05:14 PM
Ric Moore
 
Default what to use besides selinux?

On Tue, 2010-11-23 at 16:55 +0100, Arthur Bela wrote:
> so you're advising me to use apparmor under ubuntu instead
>
> wow :O
>
> thank you for you're opinion! it was usefull :O
>
> anyone else, regarding the $subject? :O

Depends on your server use. Since the NSA had a major hand in the
development of SELinux, I would chose that if I was handling a server
with high security needs. I'll admit I tried it once and turned it off 5
minutes later. But, I'm not running a server. Those that have mastered
it, swear by it. But, it's not point-n-click simple. Ric

--
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 08:53 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org