On Thursday 21 April 2005 4:19 pm, Louis Richards wrote:
The Linux Documentation Project at http://www.tldp.org is a good place to start. Specificaly sections : http://www.tldp.org/HOWTO/HOWTO-INDEX/admin.html#ADMSECURITY http://www.tldp.org/HOWTO/HOWTO-INDEX/networking.html#NETSECURITY <snip> Someone else mentioned Snort. I love this program, especialy with the SnortSam plugin. Again, however, a good base knowledge is needed to get the most out of it.
Louis Richards
Another security related package that is good for locking down a system is Bastille. Doesn't detect a break-in/crack but it could help prevent one. I loaded version 3.0.2-1.0 from the site http://www.bastille-linux.org/. Generic RPM for SUSE, RedHat, Mandrake, etc. Loaded fine, stepped through a few screens before cancelling out. Version 2.1.1 is on 9.2 and apparently is the same version on 9.3. I thought it was dropped for a couple of releases like 9.0 and 9.1 maybe? Bastille steps you through a security check on your machine with explanations of each step. Learning what it all means in relation to everything else is the fun part! Leave the defaults alone if you are new to Linux and learn what each step means before making changes. You could lock yourself out of your machine if you don't know what you are doing. Nothing a quick re-install couldn't cure though. Once you are thoroughly confused then of course ask for help here or at suse-security list. Stan