Results 1 to 9 of 9

Thread: hardened linux versions

  1. #1

    hardened linux versions

    I plan to intall LaBrea on the linux machine exposed directly to the internet. Are there any linux pre-hardened versions that I can download?

    P.S> Trinux is not really easy to manage so look for something else...

    thx

  2. #2
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:hardened linux versions

    Well, there's the NSA kernel that is available. Bastille is pretty hardened. And you can't forget OpenBSD and FreeBSD.

  3. #3

    Re:hardened linux versions

    1. What is NSA kernel?
    2. Bastille script hardens the existing installation, but I'm looking for simething right 'out-of-the-box'
    3. The whole idea is to have this host completely open, yet as hardened as possible. (no firewalls, nothing, all ports are opened-this will be used for sticky honeypot, which is LaBrea in fact).

  4. #4
    Moderator
    Advisor
    redhead's Avatar
    Join Date
    Jun 2001
    Location
    Copenhagen, Denmark
    Posts
    811

    Re:hardened linux versions

    [quote author=elovkoff link=board=1;threadid=3661;start=0#37139 date=1023477494]
    1. What is NSA kernel?
    [/quote]
    http://www.nsa.gov/selinux/
    [

  5. #5
    Moderator
    Kind Mastermind
    stryder144's Avatar
    Join Date
    Aug 2001
    Location
    Denver, CO
    Posts
    2,926

    Re:hardened linux versions

    [quote author=elovkoff link=board=1;threadid=3661;start=0#37139 date=1023477494]
    1. What is NSA kernel?
    2. Bastille script hardens the existing installation, but I'm looking for simething right 'out-of-the-box'
    3. The whole idea is to have this host completely open, yet as hardened as possible. (no firewalls, nothing, all ports are opened-this will be used for sticky honeypot, which is LaBrea in fact).
    [/quote]

    I take it your trying to catch people, yet still keep your system up and running? It sounds like a sting operation. Cool.

  6. #6
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:hardened linux versions

    Honeypots are supposed to do that -- lure hackers in. Great way at finding out who is after you. Read a good article on this at SecurityFocus.

  7. #7

    Re:hardened linux versions

    Got a link? I'm interested.

  8. #8

    Re:hardened linux versions

    Try LIDS (http://www.lids.org) instead of the NSA kernel. As for pre hardened Linux versions you can check out engaurd or in the future Darkfire (shameless plug).

  9. #9

    Re:hardened linux versions

    i would like to try the motorola/HP HA kernel - tyhey are using it to get 6nines availability (up time of 99.9999 % of the time). right now it mainly is used on powerPC (MP860) for telecom infrastruture - e.g. cell phone base stations.

Similar Threads

  1. ZFS Port to Linux ( all versions)
    By darshin in forum BSD
    Replies: 0
    Last Post: 08-23-2010, 10:04 AM
  2. [Solved!] Linux versions
    By boshra in forum Redhat / Fedora
    Replies: 1
    Last Post: 05-05-2009, 10:18 AM
  3. Linux versions supporting AMD Athlon 64
    By thatoneguy in forum Linux - General Topics
    Replies: 3
    Last Post: 02-04-2005, 02:35 AM
  4. New Linux versions follow standard path
    By cloverm in forum General Chat
    Replies: 1
    Last Post: 10-09-2002, 02:11 PM
  5. So what are the different versions of linux?
    By iansl in forum Linux - General Topics
    Replies: 1
    Last Post: 05-14-2002, 04:09 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •