some requirements
I would like a Linux distribution with security features like Microsoft's,
but without the braindead implementation.
Microsoft has some pretty nice features:
- every machine has a "secret" that can be used for secure
communication. That secret is protected and cannot be read with
system calls, not even by root.
Think of a secret key for IPsec: once that key is read and the
kernel is configured, the file is somehow marked so no one can read
it without rebooting.
NFS is insecure, and without IPsec or some other way to secure it:
where is a network filesystem for Linux? (OK, maybe NFS v4 will
help, but who can wait that long?)
- central security lists for secure communication. They call it a domain,
and it doesn't always work very well.
But the idea is nice: you don't want "first handshake" secure
communication like ssh does, but rather install the public key on all
machines on the net once a new machine is installed. OK, you don't
want to touch every machine, so some central approach is necessary.
Is DNS ready to serve keys for IPsec? IIRC there was some way to
store the public keys in DNS. Also, this allows failover security:
you can have several DNS servers, and if one goes down, the other will
still work. Absolutely necessary for any central approach.
- improved SSL?
Nearly no server allows authentication via SSL certificate.
Also, nearly no server allows the server key to be encrypted with
a password and the certificate to be in an extra file. Apache is fine,
but stunnel/sslwrap/...?
- SSL management? The openssl tools are not very easy to use.
Only some things; I don't know if any distribution has a goal
of doing really cool stuff in one of these areas. Compiling and shipping
the software isn't enough. Who compiles MySQL with SSL support?
Or LDAP? Who has a pam_ldap or pam_mysql that does SSL?
Or who has an IPsec setup so that pam_ldap/pam_mysql connections will be
encrypted?
I am really considering using Samba/pam_ntdom and smbfs for security
reasons, since the network filesystem is more secure than NFS, and the
passwords are not available to dictionary attacks nor can they be sniffed
(as far as I know). Sure, there are other problems...
To sum it up: very big companies with very many computers have forced
Microsoft to improve some stuff in the last years, so installations
with lots of servers and desktop machines for thousands of users are
possible. Sure, the implementations were braindead or buggy, but to my
knowledge all known security bugs are fixed. And the concepts are really
nifty (if only the handling and administration were a bit easier and better
documented).
andreas
-
Securedistros: A common list for all secured Linux distributions
Archive: http://humbolt.nl.linux.org/lists/
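The SSL point raised in the post above (a server key encrypted with a passphrase, the certificate kept in a separate file, and the openssl tools being awkward to drive) as an added worked example. This is not code from the original post or from any of the projects it names; it assumes only that the openssl command line is installed, and the file names, the subject name and the passphrase are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the original post): create a server private key
# encrypted with a passphrase and the certificate in a separate file, then
# verify that the two belong together and that the key is really encrypted.
# Assumes the openssl CLI; WORK, PASS and the CN are constructed for the demo.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
PASS="example-passphrase"   # constructed; a real deployment uses a real secret

# Private key, AES-256-CBC encrypted under the passphrase, in its own file
# (PKCS#8 "ENCRYPTED PRIVATE KEY" PEM), and a self-signed certificate in a
# second file. A CA-signed certificate would be handled exactly the same way.
gen_encrypted_key_and_cert() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass "pass:$PASS" -out "$WORK/server.key" 2>/dev/null
    openssl req -new -x509 -days 365 -subj "/CN=example.test" \
        -key "$WORK/server.key" -passin "pass:$PASS" \
        -out "$WORK/server.crt" 2>/dev/null
}

# Succeeds only when the key file on disk is an encrypted PEM, i.e. it did
# not silently fall back to a plaintext key.
key_is_encrypted() {
    grep -q "ENCRYPTED" "$WORK/server.key"
}

# Succeeds only when the public key inside the encrypted private key equals
# the public key carried by the certificate: the check to run before pointing
# a server at a key file and a cert file that live in different places.
key_matches_cert() {
    k=$(openssl pkey -in "$WORK/server.key" -passin "pass:$PASS" -pubout 2>/dev/null)
    c=$(openssl x509 -in "$WORK/server.crt" -pubkey -noout 2>/dev/null)
    [ -n "$k" ] && [ "$k" = "$c" ]
}

gen_encrypted_key_and_cert
if key_is_encrypted && key_matches_cert; then
    echo "encrypted key in $WORK/server.key matches certificate in $WORK/server.crt"
fi
```

A server that accepts a passphrase-protected key will ask for the passphrase at startup (or read it from a configured source); a server that does not will simply fail to load the key, which is what the post complains about for tools other than Apache.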