[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: wish list

To: <securedistros@nl.linux.org>
Subject: Re: wish list
From: "Matt Caldwell" <falken@networkcarolina.com>
Date: Sun, 6 Jun 1999 19:21:42 -0400
Reply-To: securedistros@nl.linux.org
Sender: owner-securedistros@humbolt.nl.linux.org

I would like to suggest a few things. If your going to make the system
"Secure" then the creation of automatic ACL's on system binaries that have
root level access would be nice to see. Possible groups include a socket()
creation group, and or network raw access group. Another
group for strickly security administration and then real wheel.

Installation of tripwire for system integrity on initial install.
The installation of a sudo to limit the amount of  su - root's.
A nice gui for the times users can login such as in Windows NT. Randomizing
passwords for the users and or the use of something like npasswd to check
against a dictionary
Nice gui for the ipchains firewall, with automatic logging and reporting
daily of denied packets. Possible ipsentry or something to block against the
attacks (could be light version).
I fully support the disabling of all daemons not needed and the use of
xinetd. Use of linux ext2fs functions on the logs files such as the append
only mode. Just a few random suggestions



Matthew F. Caldwell,  CISSP - President
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Guarded.Net - A Information Security Company
connect(); to the future of secure computing!
Visit us on the web @ http://www.guarded.net
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/

Follow-Ups:
- Re: wish list
  - From: Emanuele <ntf@dislessici.org>

Prev by Date: Re: wish list
Next by Date: Re: wish list
Prev by thread: Re: wish list
Next by thread: Re: wish list
Index(es):
- Date
- Thread