Network Security Focus-Linux

RE: Linux Hardening

Subject: RE: Linux Hardening
Date: Fri, 12 Oct 2007 13:54:52 -0400 (EDT)
I would take a serious look at gentoo-hardened. Modern system hardening includes things like applying patches to the kernel to utilize canary values to detect memory-based attacks, inserting random spacing so memory addresses commonly used to exploit an executable are harder to hit, making sure users cannot see other users' processes, and then all kinds of service-specific stuff depending on what kind of services you want to run. The gentoo hardened project has taken a more holistic approach, though the learning curve on installing/using gentoo is a lot sharper than redhat.

Also don't forget the basics of making sure every service that provides any type of authentication has a lockout defined to thwart brute forcing, and that you are enforcing password complexity rules. Also disabling root login from the WAN is a good idea, and if possible require users to get a VPN established to your colocation to utilize services, though outside of an enterprise this is near impossible, but SSL-VPN technologies do make it a lot easier.

-Eric

On Fri, 12 Oct 2007, Smith Jr, Harry E wrote:

I spoofed the Name in the /etc/redhat-release to RH4.  Everything worked
fine.


-------------------------------------------------------------
Harry E Smith Jr.
Senior Staff System Engineering
(408) 473 6491 (work)
(408) 888 5209 (cell)
(877) 635 1529 (pager)

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Joe_Wulf
Sent: Thursday, October 11, 2007 6:43 PM
To: 'JP Vicente'; 'Matthew Lee Hinman'
Cc: focus-linux@securityfocus.com; Jay Beale
Subject: RE: Linux Hardening

That's pretty normal behavior, actually.  RHEL5 (32 and 64 bit) reports
this as well.
Bastille has been developed for older versions of RHEL.  A newer version
of the OS has been published/released, but Bastille hasn't yet been
updated.

Do make sure you've got a compatible version of Perl-Tk installed along
with bastille.

R,
-Joe Wulf, CISSP, USN(RET)
Senior IA Engineer
ProSync Technology Group, LLC
www.prosync.com

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of JP Vicente
Sent: Thursday, October 11, 2007 17:04
To: Matthew Lee Hinman
Cc: focus-linux@securityfocus.com
Subject: RE: Linux Hardening

Below is the exact error that I got when I ran Bastille on FC7 and
RHEL5.


[root@localhost ~]# InteractiveBastille
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Valid display found; defaulting to Tk (X) interface.
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Using Tk user interface module.
ERROR: Couldn't determine Red Hat version! Setting to 9!
NOTE: Only displaying questions relevant to the current configuration.
ERROR: Couldn't determine Red Hat version! Setting to 9!
ERROR: Could not load the 'Tk.pm' interface module.
This may be due to an invalid $DISPLAY setting,
or the module not being visible to Perl.


-----Original Message-----
From: Matthew Lee Hinman [mailto:matthew.hinman@gmail.com]
Sent: Thursday, October 11, 2007 4:21 PM
To: JP Vicente
Cc: focus-linux@securityfocus.com
Subject: Re: Linux Hardening

The tool is still being actively developed and supported. 3.09 is indeed
the latest version (found here:
http://bastille-linux.sourceforge.net/index.html)
Can you give a little bit more info about how this isn't working on
later versions of Linux? (like an error message, etc)

- Lee

* jvicente@asft.net <jvicente@asft.net> [2007-10-11 12:36:39 -0000]:

Hi,


I was looking for a Linux hardening tool. I found Bastille. The latest version
that I was able to find is 3.09. I cannot seem to get this version to
work on later versions of Linux (RHEL 5, FC 6,7) distributions.


Is this tool still being supported? Is there a similar tool out there?


Thanks in advance,

JP
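
A minimal audit of the basics Eric lists at the top of this thread (root login over SSH, authentication lockout, password complexity, address randomization), added here as an example and not taken from any message in the thread or from Bastille. The function names and sample files are constructed for illustration, and the PAM modules checked (pam_faillock, pam_tally2, pam_pwquality, pam_cracklib) are an assumption about what the host uses.

```shell
#!/bin/sh
# Added example: checks the thread's "basics" against configuration files.
# Every sample file written by make_samples is constructed for illustration.

# Print the effective global value of an sshd_config keyword.
# sshd keeps the FIRST value it reads for a keyword, keywords are
# case-insensitive, and settings after a Match line are conditional.
sshd_effective() {  # $1 = keyword, $2 = config file
    awk -v key="$1" '
        $1 ~ /^#/ { next }                       # skip commented-out lines
        tolower($1) == "match" { exit }          # end of the global section
        tolower($1) == tolower(key) { print $2; exit }
    ' "$2"
}

# Succeeds only when the global section explicitly refuses root logins.
root_login_disabled() {  # $1 = sshd_config path
    [ "$(sshd_effective PermitRootLogin "$1")" = "no" ]
}

# Succeeds when an active (uncommented) auth line loads a lockout module.
pam_has_lockout() {  # $1 = PAM service file
    grep -Eq '^[[:space:]]*auth[[:space:]].*pam_(faillock|tally2)\.so' "$1"
}

# Succeeds when an active password line loads a complexity module.
pam_has_complexity() {  # $1 = PAM service file
    grep -Eq '^[[:space:]]*password[[:space:]].*pam_(pwquality|cracklib)\.so' "$1"
}

# Succeeds when randomize_va_space is 2 (stack, mmap and heap randomized).
aslr_full() {  # $1 = optional file standing in for the /proc entry
    [ "$(cat "${1:-/proc/sys/kernel/randomize_va_space}")" = "2" ]
}

# Constructed samples. In sshd_weak the later "no" does not override the
# earlier "yes"; in sshd_lan_root only the Match block allows root.
make_samples() {  # $1 = scratch directory
    printf '%s\n' '#PermitRootLogin no' 'permitrootlogin yes' \
        'PermitRootLogin no' > "$1/sshd_weak"
    printf '%s\n' 'PermitRootLogin no' 'Match Address 10.0.0.0/8' \
        '    PermitRootLogin yes' > "$1/sshd_lan_root"
    printf '%s\n' 'auth required pam_faillock.so preauth deny=5' \
        '#password requisite pam_pwquality.so minlen=12' > "$1/pam_sample"
    printf '2\n' > "$1/aslr_sample"
}
```

On a real host, pass the system's sshd_config and the relevant PAM service files to these functions; aslr_full with no argument reads the live kernel setting.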






