Re: [gentoo-hardened] Re: Do I need RBAC?

2006-10-29 Thread Brant Williams
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'd recommend that you familiarize yourself with the documentation before trying out the learning mode. It's not in the best state right now, but there is enough there to get an idea where to start. Learning mode uses a learning configuration fil

Re: [gentoo-hardened] Re: Hardening SSHD

2006-10-29 Thread Jason Booth
On Wednesday 25 October 2006 11:08, Paulo Roberto Candido dos Santos wrote: > Hello, I think you might find this useful: > > iptables -N REJECT-SSH > iptables -A REJECT-SSH -j DROP -m recent --rcheck --name SSH --seconds 60 > --hitcount 10 > iptables -A REJECT-SSH -j LOG --log-prefix SSH-Bruteforce

Re: [gentoo-hardened] loss of stateful iptables 2.6.17-hardened-r1 - 64bit

2006-10-29 Thread Jason Booth
On Wednesday 25 October 2006 15:30, Marek Wróbel wrote: > Jason Booth wrote: > > Yeah that's exactly what i thought only match wasn't an option in the > > config this time... possibly something got messed up in patching to > > disable the option. I'll wipe the tarball and try again tonight. > > Las

Re: [gentoo-hardened] Re: Do I need RBAC?

2006-10-29 Thread Brian Davis
So maybe I'm missing something. Is learning mode all you need to do to get up and running? How much time did you spend tweaking the profile? Is it a security no-no to ask to see your profile. Thanks, Brian - Original Message - From: <[EMAIL PROTECTED]> To: Sent: Sunday, October 29

Re: [gentoo-hardened] New selinux-policy ebuild don't install anything ??

2006-10-29 Thread Joshua Brindle
kakou wrote: I have a similar problem with setools-3 that need a selinuxfs and so crash during compilation. You should report this (with config.log) to [EMAIL PROTECTED] -- gentoo-hardened@gentoo.org mailing list

Re: [gentoo-hardened] Re: Do I need RBAC?

2006-10-29 Thread Joshua Brindle
7v5w7go9ub0o wrote: There seems to be a reluctance among some old-timers to use the hardened tools anywhere else but on a server - I'd guess that is a holdover from the last decade when both Linux and the hardening tools were being created. Today's (non-selinux) tools are easy to use, and ar

Re: [gentoo-hardened] Re: Do I need RBAC?

2006-10-29 Thread atoth
On Vas, Október 29, 2006 16:19, 7v5w7go9ub0o wrote: > If you are talking about Grsecurity (which has a learning mode that makes > configuration very easy), and if your users are doing limited, standard > things, then a strong Yes! (though IIUC, SeLinux is difficult to > configure) Strongly agree.

[gentoo-hardened] Re: Do I need RBAC?

2006-10-29 Thread 7v5w7go9ub0o
If you are talking about Grsecurity (which has a learning mode that makes configuration very easy), and if your users are doing limited, standard things, then a strong Yes! (though IIUC, SeLinux is difficult to configure) The RBAC protection will protect you if -you- or a trusted user doe

Re: [gentoo-hardened] Do I need RBAC?

2006-10-29 Thread Brian Davis
I'm hoping that chroot with the grsecurity kernel chroot enhancements will protect me in that case. Thanks, Brian Guillaume Castagnino wrote: Hi, hardening is not only to protect against your known users, but only from external attackers ! If you have a flaw in one of your servers that can b

Re: [gentoo-hardened] Do I need RBAC?

2006-10-29 Thread Guillaume Castagnino
Le dimanche 29 octobre 2006 13:13, Panagiotis Atmatzidis a écrit : > Guillaume Castagnino wrote: > > Hi, > > > > hardening is not only to protect against your known users, but only > > from external attackers ! > > If you have a flaw in one of your servers that can be remotely > > exploited, harden

Re: [gentoo-hardened] Do I need RBAC?

2006-10-29 Thread Panagiotis Atmatzidis
Guillaume Castagnino wrote: Hi, hardening is not only to protect against your known users, but only from external attackers ! If you have a flaw in one of your servers that can be remotely exploited, hardening your box will help you containing the attacker ! Regards, Le dimanche 29 octobre

Re: [gentoo-hardened] Do I need RBAC?

2006-10-29 Thread Guillaume Castagnino
Hi, hardening is not only to protect against your known users, but only from external attackers ! If you have a flaw in one of your servers that can be remotely exploited, hardening your box will help you containing the attacker ! Regards, Le dimanche 29 octobre 2006 05:16, [EMAIL PROTECTED] a

Re: [gentoo-hardened] Do I need RBAC?

2006-10-29 Thread Panagiotis Atmatzidis
[EMAIL PROTECTED] wrote: I have a total of 3 non-root users, 1 is me, the 2 others are trusted (i.e. family/friend). RBAC looks like it's more complex that I need and want to deal with, and I'm I'm wondering if I should bother with this with so few users. Thoughts? Thanks, Brian straight

Re: [gentoo-hardened] Do I need RBAC?

2006-10-29 Thread Javi Moreno
It's not worthy I think. You may want some hardened features but just a few.On 10/29/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: I have a total of 3 non-root users, 1 is me, the 2 others are trusted (i.e. family/friend). RBAC looks like it's more complex that I need and want to deal with, and