From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 16:56:32 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA17615 for securedistros-list; Sun, 6 Jun 1999 16:56:32 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA17356 for ; Sun, 6 Jun 1999 16:56:19 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id QAA06159; Sun, 6 Jun 1999 16:40:43 +0200 Date: Sun, 6 Jun 1999 16:40:43 +0200 (CEST) From: Rik van Riel To: securelinux@reseau.nl cc: bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, editor@lwn.net, dwj@linuxtoday.com, scoop@freshmeat.net, hemos@slashdot.org, bugtraq@netspace.org, security-audit@ferret.lmh.ox.ac.uk Subject: Ann: common secure linux mailing list Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, Together with the kha0s and bastille Linux folks I've decided that it would be nice to have a common mailing list for the different secure Linux mailing lists. Since friday night (CET), the list is there: securedistros@nl.linux.org You can subscribe like this: $ echo subscribe securedistros | mail majordomo@nl.linux.org The main things we'll discuss on the list will be things like bug fixes, code fixups and generic security ideas that are usable in all secure Linux distributions. For the uninitiated, here are the 3 secure Linux distributions and their goals: Bastille Linux -- http://www.bastille-linux.org/ Creating a secure Linux distribution for on the desktop, the main use being that network administrators can give out Linux CD's to their users without worrying about security. Bastille Linux will be using Red Hat 6.0 as their basis. Kha0s Linux -- http://www.kha0s.org/ Creating a minimal and secure Linux distribution. Starting from scratch, source-based and with strong encryption and OpenBSD-like policies everywhere. They have a little bit of code available, so this is good for the (impatient) tinkerers. Secure Linux -- http://www.reseau.nl/securelinux/ Creating a secured Linux for (internet) server systems. This distribution will feature something like a package system or at least proper file accounting. Strong cryptography and extra web server functionality will most likely be included as well. regards, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 16:58:29 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA22442 for securedistros-list; Sun, 6 Jun 1999 16:58:29 +0200 Received: from rommel.stw.uni-erlangen.de (qmailr@mail.rommel.stw.uni-erlangen.de [131.188.24.4]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id QAA22381 for ; Sun, 6 Jun 1999 16:58:19 +0200 Received: (qmail 17022 invoked by uid 1001); 6 Jun 1999 14:58:13 -0000 MBOX-Line: From security-audit-return-2774-flo=rommel.stw.uni-erlangen.de@ferret.lmh.ox.ac.uk Sun Jun 06 14:58:13 1999 Delivered-To: flo@rommel.stw.uni-erlangen.de Received: (qmail 17012 invoked from network); 6 Jun 1999 14:58:08 -0000 Received: from faui45.informatik.uni-erlangen.de (root@131.188.2.45) by mail.rommel.stw.uni-erlangen.de with SMTP; 6 Jun 1999 14:58:08 -0000 Received: from ferret.lmh.ox.ac.uk (IDENT:qmailr@ferret.lmh.ox.ac.uk [163.1.138.204]) by faui45.informatik.uni-erlangen.de (8.9.1/8.1.49-FAU) with SMTP id QAA17261 for ; Sun, 6 Jun 1999 16:58:07 +0200 (MET DST) Received: (qmail 8917 invoked by uid 529); 6 Jun 1999 14:56:14 -0000 Mailing-List: contact security-audit-help@ferret.lmh.ox.ac.uk; run by ezmlm Delivered-To: mailing list security-audit@ferret.lmh.ox.ac.uk Received: (qmail 8912 invoked from network); 6 Jun 1999 14:56:13 -0000 Received: from post-10.mail.nl.demon.net (HELO post.mail.nl.demon.net) (194.159.73.20) by ferret.lmh.ox.ac.uk with SMTP; 6 Jun 1999 14:56:13 -0000 Received: from [212.238.108.69] (helo=mirkwood.nl.linux.org) by post.mail.nl.demon.net with esmtp (Exim 2.02 #1) id 10qeLI-0005tV-00; Sun, 6 Jun 1999 14:56:11 +0000 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id QAA06159; Sun, 6 Jun 1999 16:40:43 +0200 Date: Sun, 6 Jun 1999 16:40:43 +0200 (CEST) From: Rik van Riel cc: bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, editor@lwn.net, dwj@linuxtoday.com, scoop@freshmeat.net, hemos@slashdot.org, bugtraq@netspace.org, security-audit@ferret.lmh.ox.ac.uk Subject: Ann: common secure linux mailing list Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Flo-copy: jerry To: snflhelb@rzmail.uni-erlangen.de Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, Together with the kha0s and bastille Linux folks I've decided that it would be nice to have a common mailing list for the different secure Linux mailing lists. Since friday night (CET), the list is there: securedistros@nl.linux.org You can subscribe like this: $ echo subscribe securedistros | mail majordomo@nl.linux.org The main things we'll discuss on the list will be things like bug fixes, code fixups and generic security ideas that are usable in all secure Linux distributions. For the uninitiated, here are the 3 secure Linux distributions and their goals: Bastille Linux -- http://www.bastille-linux.org/ Creating a secure Linux distribution for on the desktop, the main use being that network administrators can give out Linux CD's to their users without worrying about security. Bastille Linux will be using Red Hat 6.0 as their basis. Kha0s Linux -- http://www.kha0s.org/ Creating a minimal and secure Linux distribution. Starting from scratch, source-based and with strong encryption and OpenBSD-like policies everywhere. They have a little bit of code available, so this is good for the (impatient) tinkerers. Secure Linux -- http://www.reseau.nl/securelinux/ Creating a secured Linux for (internet) server systems. This distribution will feature something like a package system or at least proper file accounting. Strong cryptography and extra web server functionality will most likely be included as well. regards, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 18:19:32 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA05453 for securedistros-list; Sun, 6 Jun 1999 18:19:32 +0200 Received: from ferret.lmh.ox.ac.uk (IDENT:qmailr@ferret.lmh.ox.ac.uk [163.1.138.204]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id SAA05406 for ; Sun, 6 Jun 1999 18:19:24 +0200 Received: (qmail 30547 invoked by uid 501); 6 Jun 1999 16:19:20 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 6 Jun 1999 16:19:20 -0000 Date: Sun, 6 Jun 1999 17:19:20 +0100 (GMT) From: Chris Evans To: Rik van Riel cc: securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 6 Jun 1999, Rik van Riel wrote: > The main things we'll discuss on the list will be things > like bug fixes, code fixups and generic security ideas that > are usable in all secure Linux distributions. Unless I'm mistaken, that's what goes on here. Surely list fragmentation is a bad idea? Chris - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 18:21:27 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA09768 for securedistros-list; Sun, 6 Jun 1999 18:21:27 +0200 Received: from rommel.stw.uni-erlangen.de (qmailr@mail.rommel.stw.uni-erlangen.de [131.188.24.4]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id SAA09724 for ; Sun, 6 Jun 1999 18:21:18 +0200 Received: (qmail 19233 invoked by uid 1001); 6 Jun 1999 16:21:11 -0000 MBOX-Line: From security-audit-return-2775-flo=rommel.stw.uni-erlangen.de@ferret.lmh.ox.ac.uk Sun Jun 06 16:21:10 1999 Delivered-To: flo@rommel.stw.uni-erlangen.de Received: (qmail 19225 invoked from network); 6 Jun 1999 16:21:10 -0000 Received: from faui45.informatik.uni-erlangen.de (root@131.188.2.45) by mail.rommel.stw.uni-erlangen.de with SMTP; 6 Jun 1999 16:21:10 -0000 Received: from ferret.lmh.ox.ac.uk (IDENT:qmailr@ferret.lmh.ox.ac.uk [163.1.138.204]) by faui45.informatik.uni-erlangen.de (8.9.1/8.1.49-FAU) with SMTP id SAA19950 for ; Sun, 6 Jun 1999 18:21:09 +0200 (MET DST) Received: (qmail 30557 invoked by uid 529); 6 Jun 1999 16:19:21 -0000 Mailing-List: contact security-audit-help@ferret.lmh.ox.ac.uk; run by ezmlm Delivered-To: mailing list security-audit@ferret.lmh.ox.ac.uk Received: (qmail 30547 invoked by uid 501); 6 Jun 1999 16:19:20 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 6 Jun 1999 16:19:20 -0000 Date: Sun, 6 Jun 1999 17:19:20 +0100 (GMT) From: Chris Evans cc: securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Flo-copy: jerry To: snflhelb@rzmail.uni-erlangen.de Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 6 Jun 1999, Rik van Riel wrote: > The main things we'll discuss on the list will be things > like bug fixes, code fixups and generic security ideas that > are usable in all secure Linux distributions. Unless I'm mistaken, that's what goes on here. Surely list fragmentation is a bad idea? Chris - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 19:40:34 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA13255 for securedistros-list; Sun, 6 Jun 1999 19:40:34 +0200 Received: from mail.commtouch.com (h56.commtouch.com [207.135.122.56] (may be forged)) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA13196 for ; Sun, 6 Jun 1999 19:40:20 +0200 Received: from monitor1 (207.135.122.38) by mail.commtouch.com (NPlex 2.0.119) for securedistros@nl.linux.org; Sun, 6 Jun 1999 10:39:25 -0700 Message-ID: <001501beb043$0b480800$267a87cf@monitor1.alink.net> From: "Aleksey Ivkov" To: Date: Sun, 6 Jun 1999 10:36:01 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org $ echo subscribe securedistros | mail majordomo@nl.linux.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 20:20:49 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id UAA03808 for securedistros-list; Sun, 6 Jun 1999 20:20:49 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id UAA03647 for ; Sun, 6 Jun 1999 20:20:40 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id UAA07776; Sun, 6 Jun 1999 20:14:46 +0200 Date: Sun, 6 Jun 1999 20:14:46 +0200 (CEST) From: Rik van Riel To: Chris Evans cc: securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list In-Reply-To: Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 6 Jun 1999, Chris Evans wrote: > On Sun, 6 Jun 1999, Rik van Riel wrote: > > > The main things we'll discuss on the list will be things > > like bug fixes, code fixups and generic security ideas that > > are usable in all secure Linux distributions. > > Unless I'm mistaken, that's what goes on here. Surely list > fragmentation is a bad idea? The security-audit list is for the improvement of programs. The list I set up was meant as a list for the general improvement of packages, the configuration of packages and choosing which package to use for such a distribution. Unfortunately, I seem to have had a slight brain fart when doing the above announcement -- the overlap with security-audit wasn't planned :( cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 20:22:43 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id UAA06952 for securedistros-list; Sun, 6 Jun 1999 20:22:43 +0200 Received: from rommel.stw.uni-erlangen.de (qmailr@mail.rommel.stw.uni-erlangen.de [131.188.24.4]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id UAA06875 for ; Sun, 6 Jun 1999 20:22:31 +0200 Received: (qmail 22202 invoked by uid 1001); 6 Jun 1999 18:22:28 -0000 MBOX-Line: From security-audit-return-2776-flo=rommel.stw.uni-erlangen.de@ferret.lmh.ox.ac.uk Sun Jun 06 18:22:27 1999 Delivered-To: flo@rommel.stw.uni-erlangen.de Received: (qmail 22194 invoked from network); 6 Jun 1999 18:22:26 -0000 Received: from faui45.informatik.uni-erlangen.de (root@131.188.2.45) by mail.rommel.stw.uni-erlangen.de with SMTP; 6 Jun 1999 18:22:26 -0000 Received: from ferret.lmh.ox.ac.uk (IDENT:qmailr@ferret.lmh.ox.ac.uk [163.1.138.204]) by faui45.informatik.uni-erlangen.de (8.9.1/8.1.49-FAU) with SMTP id UAA24480 for ; Sun, 6 Jun 1999 20:22:25 +0200 (MET DST) Received: (qmail 28215 invoked by uid 529); 6 Jun 1999 18:20:39 -0000 Mailing-List: contact security-audit-help@ferret.lmh.ox.ac.uk; run by ezmlm Delivered-To: mailing list security-audit@ferret.lmh.ox.ac.uk Received: (qmail 28208 invoked from network); 6 Jun 1999 18:20:39 -0000 Received: from post-10.mail.nl.demon.net (HELO post.mail.nl.demon.net) (194.159.73.20) by ferret.lmh.ox.ac.uk with SMTP; 6 Jun 1999 18:20:39 -0000 Received: from [212.238.108.69] (helo=mirkwood.nl.linux.org) by post.mail.nl.demon.net with esmtp (Exim 2.02 #1) id 10qhXA-0003Io-00; Sun, 6 Jun 1999 18:20:37 +0000 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id UAA07776; Sun, 6 Jun 1999 20:14:46 +0200 Date: Sun, 6 Jun 1999 20:14:46 +0200 (CEST) From: Rik van Riel cc: securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list In-Reply-To: Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Flo-copy: jerry To: snflhelb@rzmail.uni-erlangen.de Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 6 Jun 1999, Chris Evans wrote: > On Sun, 6 Jun 1999, Rik van Riel wrote: > > > The main things we'll discuss on the list will be things > > like bug fixes, code fixups and generic security ideas that > > are usable in all secure Linux distributions. > > Unless I'm mistaken, that's what goes on here. Surely list > fragmentation is a bad idea? The security-audit list is for the improvement of programs. The list I set up was meant as a list for the general improvement of packages, the configuration of packages and choosing which package to use for such a distribution. Unfortunately, I seem to have had a slight brain fart when doing the above announcement -- the overlap with security-audit wasn't planned :( cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 21:01:42 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA15124 for securedistros-list; Sun, 6 Jun 1999 21:01:42 +0200 Received: from lotus.slothmud.org (dv004s31.lawrence.ks.us [24.124.31.4]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id VAA15014 for ; Sun, 6 Jun 1999 21:01:33 +0200 From: hayward@slothmud.org Received: (qmail 24844 invoked by uid 508); 6 Jun 1999 19:10:01 -0000 Date: Sun, 6 Jun 1999 14:10:00 -0500 (CDT) To: Rik van Riel cc: Chris Evans , securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org #The security-audit list is for the improvement of programs. #The list I set up was meant as a list for the general #improvement of packages, the configuration of packages and #choosing which package to use for such a distribution. Being a member of security-audit since it's inception, I'd have to say that it includes everything that you list here. It isn't restricted to auditing code, it includes auditing the installation and configuration practices of various distributions, the inclusion of old packages that have been replaced by more secure ones, as well as making reccomendations to distribtion maintaners for removing or including certain security related packages. -- Brian - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 21:04:21 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA20357 for securedistros-list; Sun, 6 Jun 1999 21:04:21 +0200 Received: from rommel.stw.uni-erlangen.de (qmailr@mail.rommel.stw.uni-erlangen.de [131.188.24.4]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id VAA20213 for ; Sun, 6 Jun 1999 21:03:54 +0200 Received: (qmail 23338 invoked by uid 1001); 6 Jun 1999 19:03:06 -0000 MBOX-Line: From security-audit-return-2777-flo=rommel.stw.uni-erlangen.de@ferret.lmh.ox.ac.uk Sun Jun 06 19:03:04 1999 Delivered-To: flo@rommel.stw.uni-erlangen.de Received: (qmail 23330 invoked from network); 6 Jun 1999 19:03:04 -0000 Received: from faui45.informatik.uni-erlangen.de (root@131.188.2.45) by mail.rommel.stw.uni-erlangen.de with SMTP; 6 Jun 1999 19:03:04 -0000 Received: from ferret.lmh.ox.ac.uk (IDENT:qmailr@ferret.lmh.ox.ac.uk [163.1.138.204]) by faui45.informatik.uni-erlangen.de (8.9.1/8.1.49-FAU) with SMTP id VAA25977 for ; Sun, 6 Jun 1999 21:03:03 +0200 (MET DST) Received: (qmail 8810 invoked by uid 529); 6 Jun 1999 19:01:26 -0000 Mailing-List: contact security-audit-help@ferret.lmh.ox.ac.uk; run by ezmlm Delivered-To: mailing list security-audit@ferret.lmh.ox.ac.uk Received: (qmail 8799 invoked from network); 6 Jun 1999 19:01:25 -0000 Received: from dv004s31.lawrence.ks.us (HELO lotus.slothmud.org) (24.124.31.4) by ferret.lmh.ox.ac.uk with SMTP; 6 Jun 1999 19:01:25 -0000 Received: (qmail 24844 invoked by uid 508); 6 Jun 1999 19:10:01 -0000 Date: Sun, 6 Jun 1999 14:10:00 -0500 (CDT) From: cc: Chris Evans , securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Flo-copy: jerry To: snflhelb@rzmail.uni-erlangen.de Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org #The security-audit list is for the improvement of programs. #The list I set up was meant as a list for the general #improvement of packages, the configuration of packages and #choosing which package to use for such a distribution. Being a member of security-audit since it's inception, I'd have to say that it includes everything that you list here. It isn't restricted to auditing code, it includes auditing the installation and configuration practices of various distributions, the inclusion of old packages that have been replaced by more secure ones, as well as making reccomendations to distribtion maintaners for removing or including certain security related packages. -- Brian - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 6 22:52:02 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id WAA31147 for securedistros-list; Sun, 6 Jun 1999 22:52:02 +0200 Received: from galactica.it ([212.41.192.65]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id WAA31054 for ; Sun, 6 Jun 1999 22:51:54 +0200 Received: (apparently) from default ([212.41.196.32]) by galactica.it with Microsoft SMTPSVC(5.5.1877.977.9); Sun, 6 Jun 1999 22:55:11 +0200 Message-Id: <4.1.19990606224401.009d1100@mail.galactica.it> X-Sender: dario.forte@mail.galactica.it X-Mailer: QUALCOMM Windows Eudora Pro Versione 4.1 Data: Sun, 06 Jun 1999 22:44:18 +0200 To: securedistros@nl.linux.org From: Dario Forte CCSE-CCSA Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: 6 Jun 1999 22:55:13 +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org $ echo subscribe securedistros | mail majordomo@nl.linux.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:14:30 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA10734 for securedistros-list; Mon, 7 Jun 1999 00:14:30 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA10534 for ; Mon, 7 Jun 1999 00:14:21 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id AAA11674 for ; Mon, 7 Jun 1999 00:14:11 +0200 Date: Mon, 7 Jun 1999 00:14:10 +0200 (CEST) From: Rik van Riel To: securedistros@mirkwood.nl.linux.org Subject: wish list Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, I guess a good start for a list like this would be to compose a wish list of features people would like to see in a secure Linux distribution. Once we've got the list the three distributions can implement the features they feel suit them and the participants in the list will be able to choose the best distribution for their purposes. In that way, the making of a wish list will steer the secure Linux projecs and the people interested in them in their 'right direction' and will keep people interested and projects rolling along at a good pace. So, who's got the first wish? :) cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:22:46 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA01463 for securedistros-list; Mon, 7 Jun 1999 00:22:46 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA01368 for ; Mon, 7 Jun 1999 00:22:30 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id AAA11771 for ; Mon, 7 Jun 1999 00:22:08 +0200 X-Received: from mirkwood.nl.linux.org (riel@mirkwood.nl.linux.org [10.0.0.1]) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id AAA11742 for ; Mon, 7 Jun 1999 00:21:02 +0200 X-Received: from humbolt.geo.uu.nl by mirkwood.nl.linux.org (fetchmail-4.4.9 POP3) for (single-drop); Mon, 07 Jun 1999 00:21:03 CEST X-Received: from Nathan.ADHosting.Com (root@cx546345-a.chnd1.az.home.com [24.1.218.110]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA26709 for ; Mon, 7 Jun 1999 00:20:14 +0200 X-Received: from localhost (nathan@localhost) by Nathan.ADHosting.Com (8.9.1/8.9.1) with ESMTP id PAA10512 for ; Sun, 6 Jun 1999 15:24:36 -0700 Date: Sun, 6 Jun 1999 15:24:35 -0700 (MST) From: Nathan Staab To: Rik van Riel Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org possibly group catagorzation for ping and su i.e. su is only able to be executed by a person in the group of "su" likewise for ping & traceroute and have that defined in the setup who would have access to that.. instead of a basic out-of-box install of just plain anyone who has an account on the box can use su, ping & traceroute. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:26:56 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA10668 for securedistros-list; Mon, 7 Jun 1999 00:26:56 +0200 Received: from casal.upc.es (casal.upc.es [147.83.61.17]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA10592 for ; Mon, 7 Jun 1999 00:26:47 +0200 Received: from pere by casal.upc.es with local-smtp (Exim 2.05 #1 (Debian)) id 10qlNM-0001GL-00; Mon, 7 Jun 1999 00:26:44 +0200 Date: Mon, 7 Jun 1999 00:26:44 +0200 (CET) From: Pere Camps To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi! How about a simple thing as having all the services in inetd commented out or a ALL:ALL in /etc/hosts.deny from the right begining of the installation? -- p. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:29:09 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA13536 for securedistros-list; Mon, 7 Jun 1999 00:29:09 +0200 Received: from kryten.ipax.com.au (IDENT:root@kryten.ipax.com.au [203.29.72.3]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA13367 for ; Mon, 7 Jun 1999 00:28:37 +0200 Received: from central.charon.net.au (kendall@central.charon.net.au [203.55.169.1]) by kryten.ipax.com.au (8.8.7/8.8.7) with ESMTP id IAA07636 for ; Mon, 7 Jun 1999 08:28:30 +1000 Received: from localhost (kendall@localhost) by central.charon.net.au (8.9.3/8.9.3) with ESMTP id IAA02562 for ; Mon, 7 Jun 1999 08:28:32 +1000 Date: Mon, 7 Jun 1999 08:28:31 +1000 (EST) From: Kendall Lister To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Rik van Riel wrote: > So, who's got the first wish? :) This has already been raised, but I would like to see a distribution that does not enable any daemons or similar security risks by default without making the installer thoroughly aware that a) the daemon has been installed and b) that the known security risks are as follows. This would prevent people from inadvertantly leaving netstat running, or some similar problem (as you can tell, I am not a security expert... :) -- Kendall Lister, Systems Operator for Charon I.S. - kendall@charon.net.au Charon Information Services - Friendly, Cheap Melbourne ISP: 9589 7781 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:30:58 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA15565 for securedistros-list; Mon, 7 Jun 1999 00:30:58 +0200 Received: from Nathan.ADHosting.Com (root@cx546345-a.chnd1.az.home.com [24.1.218.110]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA15471 for ; Mon, 7 Jun 1999 00:30:50 +0200 Received: from localhost (nathan@localhost) by Nathan.ADHosting.Com (8.9.1/8.9.1) with ESMTP id PAA10555 for ; Sun, 6 Jun 1999 15:35:12 -0700 Date: Sun, 6 Jun 1999 15:35:12 -0700 (MST) From: Nathan Staab To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org possibly instead of commenting out the things in /etc/inetd.conf to keep the machine functional.. have a firewall script that utilizes ipchains or something alike to deny services from to the outside world. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:31:33 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA15821 for securedistros-list; Mon, 7 Jun 1999 00:31:33 +0200 Received: from finch-post-10.mail.demon.net (finch-post-10.mail.demon.net [194.217.242.38]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA15708 for ; Mon, 7 Jun 1999 00:31:15 +0200 Received: from [194.222.156.169] (helo=notatla.demon.co.uk) by finch-post-10.mail.demon.net with esmtp (Exim 2.12 #1) id 10qlRg-0005Wj-0A for securedistros@nl.linux.org; Sun, 6 Jun 1999 22:31:12 +0000 Received: (from ant@localhost) by notatla.demon.co.uk (noyb/noyb) id XAA02279; Sun, 6 Jun 1999 23:28:42 +0100 Date: Sun, 6 Jun 1999 23:28:42 +0100 From: Antonomasia Message-Id: <199906062228.XAA02279@notatla.demon.co.uk> To: securedistros@nl.linux.org Subject: Re: wish list Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org 1) secure attention key (Control-Alt Delete preferred) 2) secure file deletion - I'm having trouble spotting the right part of the kernel to add this to. 3) install time options to include a defined near-minimal state for adding network server to -- ############################################################## # Antonomasia ant@notatla.demon.co.uk # # See http://www.notatla.demon.co.uk/ # ############################################################## - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:40:12 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA09565 for securedistros-list; Mon, 7 Jun 1999 00:40:12 +0200 Received: from casal.upc.es (casal.upc.es [147.83.61.17]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA09510 for ; Mon, 7 Jun 1999 00:40:01 +0200 Received: from pere by casal.upc.es with local-smtp (Exim 2.05 #1 (Debian)) id 10qlaA-0001K1-00; Mon, 7 Jun 1999 00:39:58 +0200 Date: Mon, 7 Jun 1999 00:39:58 +0200 (CET) From: Pere Camps To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi! > possibly instead of commenting out the things in /etc/inetd.conf to keep > the machine functional.. have a firewall script that utilizes ipchains or > something alike to deny services from to the outside world. Possible, but what's the use of having a single host acting as a firewall? I see a possibility if you don't have any services open and you wish not to be affected by possible secure-related tcp/ip bugs (although I don't know to what extent ipchains would secure you, I'm no tcp/ip guru. I think that even only if you have one service open, then it's pretty useless to have a single-firewalled host. It's much more esasir to simply comment out a service in inetd and add the proper line in /etc/hosts.allow. -- p. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:43:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA18885 for securedistros-list; Mon, 7 Jun 1999 00:43:45 +0200 Received: from Nathan.ADHosting.Com (root@cx546345-a.chnd1.az.home.com [24.1.218.110]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA18794 for ; Mon, 7 Jun 1999 00:43:38 +0200 Received: from localhost (nathan@localhost) by Nathan.ADHosting.Com (8.9.1/8.9.1) with ESMTP id PAA10593 for ; Sun, 6 Jun 1999 15:48:00 -0700 Date: Sun, 6 Jun 1999 15:47:59 -0700 (MST) From: Nathan Staab To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org right, but ALL: ALL in your /etc/hosts.deny still allows a person to connect to that port, the operating system just checks against the file and denies the person. with a firewall the person attempting to connect to that port is not even able to connect to the port.. which may/may not help.. i am no guru either.. just my 2 cents - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:44:29 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA19186 for securedistros-list; Mon, 7 Jun 1999 00:44:29 +0200 Received: from europa.gtri.gatech.edu (IDENT:postfix@europa.gtri.gatech.edu [130.207.203.230]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA19119 for ; Mon, 7 Jun 1999 00:44:11 +0200 Received: by europa.gtri.gatech.edu (Postfix, from userid 0) id C11C6877C; Sun, 6 Jun 1999 18:44:07 -0400 (EDT) To: securedistros@nl.linux.org Subject: Re: wish list References: From: Brandon Craig Rhodes Date: 06 Jun 1999 18:44:07 -0400 In-Reply-To: Rik van Riel's message of "Mon, 7 Jun 1999 00:14:10 +0200 (CEST)" Message-ID: Lines: 19 X-Mailer: Gnus v5.5/XEmacs 20.4 - "Emerald" Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Rik van Riel writes: > I guess a good start for a list like this would be to > compose a wish list of features people would like to > see in a secure Linux distribution. Off the top of my head (and some (perhaps all, for all I know) of these wishes have already appeared elsewhere): o MD5 shadow passwords by default. o Uses postfix by default instead of sendmail. o Uses xinetd by default instead of normal inetd. o Uses sshd as preferred communication mechanism rather than telnetd. o All daemons come turned off by default, until I explicitly turn them on. -- Brandon Craig Rhodes http://www.rhodesmill.org/brandon Georgia Tech Information Security Center brandon@rhodesmill.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:45:52 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA20875 for securedistros-list; Mon, 7 Jun 1999 00:45:52 +0200 Received: from grebe.prod.itd.earthlink.net (grebe.prod.itd.earthlink.net [207.217.120.100]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA20705; Mon, 7 Jun 1999 00:45:40 +0200 Received: from geezer.earthlink.net (pool025-max8.ds23-ca-us.dialup.earthlink.net [209.179.26.25]) by grebe.prod.itd.earthlink.net (8.9.3/8.9.3) with ESMTP id PAA29946; Sun, 6 Jun 1999 15:45:35 -0700 (PDT) Received: (from bghandhi@localhost) by geezer.earthlink.net (8.9.3/8.9.3) id PAA06534; Sun, 6 Jun 1999 15:49:31 -0700 (PDT) Date: Sun, 6 Jun 1999 15:49:31 -0700 (PDT) Message-Id: <199906062249.PAA06534@geezer.earthlink.net> From: Bay Ghandhi To: securedistros@nl.linux.org CC: riel@nl.linux.org In-reply-to: (message from Nathan Staab on Sun, 6 Jun 1999 15:24:35 -0700 (MST)) Subject: Re: wish list References: Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > > possibly group catagorzation for ping and su > i.e. su is only able to be executed by a person in the group of "su" I assume you mean su to root? OpenBSD (which I run) and, afaik other *bsd's have a "wheel" group that a user must be a member of to su to root. > likewise for ping & traceroute and have that defined in the setup who > would have access to that.. instead of a basic out-of-box install of just > plain anyone who has an account on the box can use su, ping & traceroute. I don't see anything wrong with these being available to local users. Only root can ping -f . I think we should try and have "secure" but "open" systems with the full availability of the power of Linux. Otherwise why not just have a dos prompt? -- Bay Ghandhi ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Email: bghandhi@earthlink.net IRC: DrDev (EFnet - #LinuxLounge) PGP: 1024/52061815 Fingerprint: AA 20 2E D1 2C 0D 67 F8 C4 20 78 6C 3E 30 1F 5E ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:56:14 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA21327 for securedistros-list; Mon, 7 Jun 1999 00:56:14 +0200 Received: from scaup.prod.itd.earthlink.net (scaup.prod.itd.earthlink.net [207.217.120.49]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA21054 for ; Mon, 7 Jun 1999 00:55:54 +0200 Received: from geezer.earthlink.net (pool025-max8.ds23-ca-us.dialup.earthlink.net [209.179.26.25]) by scaup.prod.itd.earthlink.net (8.9.3/8.9.3) with ESMTP id PAA05015; Sun, 6 Jun 1999 15:55:45 -0700 (PDT) Received: (from bghandhi@localhost) by geezer.earthlink.net (8.9.3/8.9.3) id PAA20148; Sun, 6 Jun 1999 15:59:41 -0700 (PDT) Date: Sun, 6 Jun 1999 15:59:41 -0700 (PDT) Message-Id: <199906062259.PAA20148@geezer.earthlink.net> From: Bay Ghandhi To: securedistros@nl.linux.org CC: securedistros@mirkwood.nl.linux.org In-reply-to: (message from Rik van Riel on Mon, 7 Jun 1999 00:14:10 +0200 (CEST)) Subject: Re: wish list References: Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I would like a daily security script that would check system configs for changes, check file perms, s[ug]id programs, etc. I'm hacking together a port of the OpenBSD over to RedHat.. I don't know if such things exist already. -- Bay Ghandhi ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Email: bghandhi@earthlink.net IRC: DrDev (EFnet - #LinuxLounge) PGP: 1024/52061815 Fingerprint: AA 20 2E D1 2C 0D 67 F8 C4 20 78 6C 3E 30 1F 5E ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 00:56:17 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA21352 for securedistros-list; Mon, 7 Jun 1999 00:56:17 +0200 Received: from scaup.prod.itd.earthlink.net (scaup.prod.itd.earthlink.net [207.217.120.49]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA21263 for ; Mon, 7 Jun 1999 00:55:59 +0200 Received: from geezer.earthlink.net (pool025-max8.ds23-ca-us.dialup.earthlink.net [209.179.26.25]) by scaup.prod.itd.earthlink.net (8.9.3/8.9.3) with ESMTP id PAA05015; Sun, 6 Jun 1999 15:55:45 -0700 (PDT) Received: (from bghandhi@localhost) by geezer.earthlink.net (8.9.3/8.9.3) id PAA20148; Sun, 6 Jun 1999 15:59:41 -0700 (PDT) Date: Sun, 6 Jun 1999 15:59:41 -0700 (PDT) Message-Id: <199906062259.PAA20148@geezer.earthlink.net> From: Bay Ghandhi To: securedistros@nl.linux.org CC: securedistros@mirkwood.nl.linux.org In-reply-to: (message from Rik van Riel on Mon, 7 Jun 1999 00:14:10 +0200 (CEST)) Subject: Re: wish list References: Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I would like a daily security script that would check system configs for changes, check file perms, s[ug]id programs, etc. I'm hacking together a port of the OpenBSD over to RedHat.. I don't know if such things exist already. -- Bay Ghandhi ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Email: bghandhi@earthlink.net IRC: DrDev (EFnet - #LinuxLounge) PGP: 1024/52061815 Fingerprint: AA 20 2E D1 2C 0D 67 F8 C4 20 78 6C 3E 30 1F 5E ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 01:13:54 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA07697 for securedistros-list; Mon, 7 Jun 1999 01:13:54 +0200 Received: from casal.upc.es (casal.upc.es [147.83.61.17]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA07645 for ; Mon, 7 Jun 1999 01:13:47 +0200 Received: from pere by casal.upc.es with local-smtp (Exim 2.05 #1 (Debian)) id 10qm6q-0001QD-00; Mon, 7 Jun 1999 01:13:44 +0200 Date: Mon, 7 Jun 1999 01:13:44 +0200 (CET) From: Pere Camps To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <199906062259.PAA20148@geezer.earthlink.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Bay, > I would like a daily security script that would check system configs for > changes, check file perms, s[ug]id programs, etc. I'm hacking together a > port of the OpenBSD over to RedHat.. I don't know if such things exist > already. Check tripwire. I think it's the best tool around. -- p. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 01:19:38 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA25142 for securedistros-list; Mon, 7 Jun 1999 01:19:38 +0200 Received: from ncc1703.networkcarolina.com (ncc1703.networkcarolina.com [12.21.176.13]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA25031 for ; Mon, 7 Jun 1999 01:19:29 +0200 Received: by ncc1703.networkcarolina.com from localhost (router,SLMail V3.2); Sun, 06 Jun 1999 19:16:13 -0400 Received: from mustang [12.21.176.170] by ncc1703.networkcarolina.com [12.21.176.13] (SLmail 3.2.3113) with SMTP id A49A69281B7A11D3BDD00008C70FE520 for ; Sun, 06 Jun 1999 19:16:12 -0400 Message-ID: <009701beb073$5699cc00$0400010a@mustang.guarded.net> From: "Matt Caldwell" To: Subject: Re: wish list Date: Sun, 6 Jun 1999 19:21:42 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.1 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 X-SLUIDL: C3823FC3-0E5511D3-BDD00008-C70FE520 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I would like to suggest a few things. If your going to make the system "Secure" then the creation of automatic ACL's on system binaries that have root level access would be nice to see. Possible groups include a socket() creation group, and or network raw access group. Another group for strickly security administration and then real wheel. Installation of tripwire for system integrity on initial install. The installation of a sudo to limit the amount of su - root's. A nice gui for the times users can login such as in Windows NT. Randomizing passwords for the users and or the use of something like npasswd to check against a dictionary Nice gui for the ipchains firewall, with automatic logging and reporting daily of denied packets. Possible ipsentry or something to block against the attacks (could be light version). I fully support the disabling of all daemons not needed and the use of xinetd. Use of linux ext2fs functions on the logs files such as the append only mode. Just a few random suggestions Matthew F. Caldwell, CISSP - President -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Guarded.Net - A Information Security Company connect(); to the future of secure computing! Visit us on the web @ http://www.guarded.net -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 01:20:25 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA25523 for securedistros-list; Mon, 7 Jun 1999 01:20:25 +0200 Received: from core.telnet.sk ([195.98.31.153]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA25397 for ; Mon, 7 Jun 1999 01:20:07 +0200 Received: from pobox.sk (core.telnet.sk [195.98.31.153]) by core.telnet.sk (8.8.7/8.8.7) with ESMTP id BAA03400 for ; Mon, 7 Jun 1999 01:18:44 +0200 Message-ID: <375B01D2.A45F75DD@pobox.sk> Date: Mon, 07 Jun 1999 01:18:42 +0200 From: Matej Kovac X-Mailer: Mozilla 4.08 [en] (X11; I; Linux 2.0.36 i586) MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list References: <199906062259.PAA20148@geezer.earthlink.net> Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Bay Ghandhi wrote: > > I would like a daily security script that would check system configs for > changes, check file perms, s[ug]id programs, etc. I'm hacking together a > port of the OpenBSD over to RedHat.. I don't know if such things exist > already. yes, there is: ftp://tools.tradeservices.com/pub/nannie/ pretty simple, but works. -- Matej Kovac mailto:matej@pobox.sk ICQ:733788 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 01:41:44 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA29948 for securedistros-list; Mon, 7 Jun 1999 01:41:44 +0200 Received: from oly.silverlink.net (poke@oly.silverlink.net [209.20.168.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA29871 for ; Mon, 7 Jun 1999 01:41:36 +0200 From: poke@oly.silverlink.net Received: from localhost (poke@localhost) by oly.silverlink.net (8.8.5/8.6.9) with SMTP id QAA22434 for ; Sun, 6 Jun 1999 16:44:23 -0700 (PDT) Date: Sun, 6 Jun 1999 16:44:23 -0700 (PDT) To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Well, I always thought it would be nice to redo the concept of a group. Instead of having members belong to groups, wouldn't it be nice to have groups that belong to groups as well? This way you could create hierarchies of authority with little trouble at all. -Chuck On Mon, 7 Jun 1999, Rik van Riel wrote: > Hi, > > I guess a good start for a list like this would be to > compose a wish list of features people would like to > see in a secure Linux distribution. > > Once we've got the list the three distributions can > implement the features they feel suit them and the > participants in the list will be able to choose the > best distribution for their purposes. > > In that way, the making of a wish list will steer > the secure Linux projecs and the people interested > in them in their 'right direction' and will keep > people interested and projects rolling along at a > good pace. > > So, who's got the first wish? :) > > cheers, > > Rik -- Open Source: you deserve to be in control of your data. > +-------------------------------------------------------------------+ > | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | > | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | > | Nederlandse Linux documentatie: http://www.nl.linux.org/ | > +-------------------------------------------------------------------+ > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ : WWW: http://www.silverlink.net/poke : : E-Mail: chuckw@silverlink.net : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ : Ask Mike! Aviation's response to Dear : : Abby. http://www.avstarair.com : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 01:42:01 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA30023 for securedistros-list; Mon, 7 Jun 1999 01:42:01 +0200 Received: from jungle.hitrust.net (IDENT:vf@jungle.hitrust.net [206.105.234.98]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA29981 for ; Mon, 7 Jun 1999 01:41:47 +0200 From: vf@jungle.hitrust.net Message-Id: <199906062341.BAA29981@nl.linux.org> Received: (from vf@localhost) by jungle.hitrust.net (8.9.3/8.9.3) id TAA05044 for securedistros@nl.linux.org; Sun, 6 Jun 1999 19:41:42 -0400 Subject: Re: wish list To: securedistros@nl.linux.org Date: Sun, 6 Jun 1999 19:41:42 -0400 (AST) In-Reply-To: from "Rik van Riel" at Jun 7, 99 00:14:10 am X-Mailer: ELM [version 2.4 PL25 PGP8] MIME-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > > Hi, > > I guess a good start for a list like this would be to > compose a wish list of features people would like to > see in a secure Linux distribution. Linux Capabilities propably can be a right tool to offer fine-tuned permissions, sometimes unknown in traditional unix security model. Vadim Fedukovich - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 01:44:54 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA02404 for securedistros-list; Mon, 7 Jun 1999 01:44:54 +0200 Received: from oly.silverlink.net (poke@oly.silverlink.net [209.20.168.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA02293 for ; Mon, 7 Jun 1999 01:44:45 +0200 From: poke@oly.silverlink.net Received: from localhost (poke@localhost) by oly.silverlink.net (8.8.5/8.6.9) with SMTP id QAA25589 for ; Sun, 6 Jun 1999 16:47:32 -0700 (PDT) Date: Sun, 6 Jun 1999 16:47:31 -0700 (PDT) To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > This has already been raised, but I would like to see a distribution that > does not enable any daemons or similar security risks by default without > making the installer thoroughly aware that a) the daemon has been > installed and b) that the known security risks are as follows. It strikes me that a good way of doing this would be to somehow hook the distribution in with a reliable bug reporting database. Perhaps bugtraq. Then at install time, the user could be notified that such-and-such service could be installed and the risks are the following. A simple web query would then d/l the latest information and augment that with the old stuff that would be included with the distribution. The old stuff would be useful for folks who don't have network access or choose not to turn on web access... -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ : WWW: http://www.silverlink.net/poke : : E-Mail: chuckw@silverlink.net : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ : Ask Mike! Aviation's response to Dear : : Abby. http://www.avstarair.com : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 01:52:17 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA23936 for securedistros-list; Mon, 7 Jun 1999 01:52:17 +0200 Received: from freeside.ultraviolet.org (IDENT:qmailr@adsl-216-103-8-86.dsl.sndg02.pacbell.net [216.103.8.86]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id BAA23797 for ; Mon, 7 Jun 1999 01:51:59 +0200 Received: (qmail 9716 invoked by uid 517); 6 Jun 1999 23:51:55 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 6 Jun 1999 23:51:55 -0000 Date: Sun, 6 Jun 1999 16:51:55 -0700 (PDT) From: "Andrew G. Feinberg" To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 6 Jun 1999 poke@oly.silverlink.net wrote: > > distribution in with a reliable bug reporting database. Perhaps bugtraq. > Then at install time, the user could be notified that such-and-such > service could be installed and the risks are the following. A simple web > query would then d/l the latest information and augment that with the old > stuff that would be included with the distribution. The old stuff would be > useful for folks who don't have network access or choose not to turn on > web access... I think that something like Bugzilla or the Debian BTS (my favorite, although it requires alot of overhead) would be perfect for this task...especially the Debian system, since it so wonderfully integrates email. I don't know how much hacking it would take to get it to send mail to registered users of a distro when a critical bug comes out. Even better: a built-in user with a procmail script that would read mail from the BTS and download/install fixes automagically. This would be especially possible with a .deb based distrobution...RPM just isn't as good at remotely getting stuff (I don't think it can) as apt (Debian's package management tool) is, IMHO. Andrew Andrew G. Feinberg andrew@ultraviolet.org http://www.ultraviolet.org/andrew PGP Fingerprint: 78 55 2B B4 A7 B2 96 FF 84 BA 4A 3F 23 82 DD 80 Pager: 1-888-950-5050 PIN 6093780 WHOIS: AF897 http://hs-lug.tux.org - High School Linux! Educate! http://www.debian.org - Debian GNU/Linux - The choice of a GNU generation - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 02:05:55 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA32611 for securedistros-list; Mon, 7 Jun 1999 02:05:55 +0200 Received: from oly.silverlink.net (poke@oly.silverlink.net [209.20.168.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id CAA32517 for ; Mon, 7 Jun 1999 02:05:47 +0200 From: poke@oly.silverlink.net Received: from localhost (poke@localhost) by oly.silverlink.net (8.8.5/8.6.9) with SMTP id RAA17135 for ; Sun, 6 Jun 1999 17:08:34 -0700 (PDT) Date: Sun, 6 Jun 1999 17:08:34 -0700 (PDT) To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > RPM just isn't as good at remotely getting stuff (I don't think it can) > as apt (Debian's package management tool) is, IMHO. We use Open View Software Distributor and it makes RPM look like a childs toy. I think RPM is only used for a lack of anything better. Another thing to add to the wish list is a reliable and robust (Even OVSD has neither) software packaging and delivery system. Along with that Redhat has something called Kickstart, an OS delivery system. It is pretty sad but it is all we have. Perhaps we could build a true OS image delivery system, something like HP's ignite. Couple all of that with a good Revision Control system like ClearCase and a good database backend like Oracle and you've got yourself a top notch software delivery system. But I digress, sorry for getting carried away, after all, this is only an OS distro :-) -Chuck -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ : WWW: http://www.silverlink.net/poke : : E-Mail: chuckw@silverlink.net : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ : Ask Mike! Aviation's response to Dear : : Abby. http://www.avstarair.com : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 02:20:29 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA14455 for securedistros-list; Mon, 7 Jun 1999 02:20:29 +0200 Received: from hypnos.ddns.org (cgmd79240.chello.nl [212.83.79.240]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id CAA14388 for ; Mon, 7 Jun 1999 02:20:20 +0200 Received: from localhost (localhost [[UNIX: localhost]]) by hypnos.ddns.org (8.9.3/8.9.3) id CAA02024 for securedistros@nl.linux.org; Mon, 7 Jun 1999 02:20:48 +0200 From: fvw To: securedistros@nl.linux.org Subject: Re: wish list Date: Mon, 7 Jun 1999 02:18:02 +0200 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain References: MIME-Version: 1.0 Message-Id: <99060702204800.02012@Hypnos.ddns.org> Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > to registered users of a distro when a critical bug comes out. Even > better: a built-in user with a procmail script that would read mail from > the BTS and download/install fixes automagically. This would be especially > possible with a .deb based distrobution...RPM just isn't as good at > remotely getting stuff (I don't think it can) as apt (Debian's package > management tool) is, IMHO. You'd have to use somethin like pgp to check if the mail is from the right list, and even then IMHO it would be a security risk. Personally I don't like anything happening behind my back like that, at least not without me intentionally turning it on first. BTW: RPM can download packages via ftp. -- Frank v Waveren fvw@chello.nl ICQ# 10074100 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 02:31:28 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA13458 for securedistros-list; Mon, 7 Jun 1999 02:31:28 +0200 Received: from rzlin1.ruf.uni-freiburg.de (root@rzlin1.ruf.uni-freiburg.de [132.230.4.151]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id CAA13403 for ; Mon, 7 Jun 1999 02:31:20 +0200 Received: (from draht@localhost) by rzlin1.ruf.uni-freiburg.de (8.8.5/8.8.5) id CAA10775; Mon, 7 Jun 1999 02:31:17 +0200 Date: Mon, 7 Jun 1999 02:31:16 +0200 (MEST) From: Roman Drahtmueller To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: X-Organization: University of Freiburg MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by nl.linux.org id CAA13416 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > > possibly group catagorzation for ping and su > i.e. su is only able to be executed by a person in the group of "su" > likewise for ping & traceroute and have that defined in the setup who > would have access to that.. instead of a basic out-of-box install of just > plain anyone who has an account on the box can use su, ping & traceroute. > There's one thing I definitely don't want to see in such "secure" implementations of standard functions: That people reinvent the wheel. I believe that the most interesting aspect of such a distribution is that standard unix security problems could be circumvented by lowering the required (temporary) privileges for certain services and thereby increasing the overall security level of the system. Example: apache needs to be started as root because it needs bind() on port 80 (< 1024). It would be desirable that bind() on port 80 can not only succeed for root but for userid wwwrun, too. If you are able to argue that it is as difficult to become another user as to become root, it is a win. In other words: Don't think so "binary" as "yes or no" or "suser() or not". Modularize! If someone needs access to ping, give him group ping, chmod 6750 /bin/ping and chgrp ping /bin/ping (and prolly chmod again...). This is rather old. We need a fully transparent model to distribute access permissions on top of the old one to preserve portability and compatibility. No registry please. Roman. -- _ _ | Roman Drahtmüller "You don't need eyes to see, | CC University of Freiburg you need vision." | email: draht@uni-freiburg.de - Maxi Jazz, Faithless | - - - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 02:45:51 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA25699 for securedistros-list; Mon, 7 Jun 1999 02:45:51 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id CAA25446; Mon, 7 Jun 1999 02:45:40 +0200 Received: from cse.ogi.edu (crispin@dialup-09.cse.ogi.edu [129.95.49.9]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id RAA01325; Sun, 6 Jun 1999 17:45:32 -0700 (PDT) Message-ID: <375B0502.12432093@cse.ogi.edu> Date: Sun, 06 Jun 1999 16:32:19 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: Rik van Riel CC: Chris Evans , securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Rik van Riel wrote: > On Sun, 6 Jun 1999, Chris Evans wrote: > > On Sun, 6 Jun 1999, Rik van Riel wrote: > > > > > The main things we'll discuss on the list will be things > > > like bug fixes, code fixups and generic security ideas that > > > are usable in all secure Linux distributions. > > > > Unless I'm mistaken, that's what goes on here. Surely list > > fragmentation is a bad idea? I don't see it as fragmentation. I see it as an attempt to unify an arena that is already badly fragmented. There are lots of groups working to enhance Linux security in one form or another, and yet none of them have anywhere near the critical mass of OpenBSD, which itself is a pretty small-time operation. If securedistros@nl.linux.org can achieve effective sharing of results, then that in itself is a very large contribution. > The security-audit list is for the improvement of programs. > The list I set up was meant as a list for the general > improvement of packages, the configuration of packages and > choosing which package to use for such a distribution. > > Unfortunately, I seem to have had a slight brain fart > when doing the above announcement -- the overlap with > security-audit wasn't planned :( The difference I perceive between securedistros and security-audit is that security-audit has focussed on fixing programs and packages, but has been ineffective in coming up with a complete distro of secured packages. The auditing has been ad hoc. Security-audit would be a much more valuable resource if there was a well-organized web site of: * comprehensive list of packages needing auditing * comprehensive list of audited packages, including o who audited it (a list of people) o what problems they found o fixed versions o information about whether the patches have been adopted by the package maintainer * bonus: an actual distro of all-audited packages Ideas like this have been discussed on security-audit before, but no one ever took the inititive to actually do it. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 02:47:49 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA28544 for securedistros-list; Mon, 7 Jun 1999 02:47:49 +0200 Received: from rommel.stw.uni-erlangen.de (qmailr@mail.rommel.stw.uni-erlangen.de [131.188.24.4]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id CAA28466 for ; Mon, 7 Jun 1999 02:47:38 +0200 Received: (qmail 32592 invoked by uid 1001); 7 Jun 1999 00:47:29 -0000 MBOX-Line: From security-audit-return-2778-flo=rommel.stw.uni-erlangen.de@ferret.lmh.ox.ac.uk Mon Jun 07 00:47:29 1999 Delivered-To: flo@rommel.stw.uni-erlangen.de Received: (qmail 32584 invoked from network); 7 Jun 1999 00:47:28 -0000 Received: from faui45.informatik.uni-erlangen.de (root@131.188.2.45) by mail.rommel.stw.uni-erlangen.de with SMTP; 7 Jun 1999 00:47:28 -0000 Received: from ferret.lmh.ox.ac.uk (IDENT:qmailr@ferret.lmh.ox.ac.uk [163.1.138.204]) by faui45.informatik.uni-erlangen.de (8.9.1/8.1.49-FAU) with SMTP id CAA06630 for ; Mon, 7 Jun 1999 02:47:27 +0200 (MET DST) Received: (qmail 20668 invoked by uid 529); 7 Jun 1999 00:45:42 -0000 Mailing-List: contact security-audit-help@ferret.lmh.ox.ac.uk; run by ezmlm Delivered-To: mailing list security-audit@ferret.lmh.ox.ac.uk Received: (qmail 20640 invoked from network); 7 Jun 1999 00:45:41 -0000 Received: from cse.ogi.edu (HELO church.cse.ogi.edu) (root@129.95.20.2) by ferret.lmh.ox.ac.uk with SMTP; 7 Jun 1999 00:45:41 -0000 Received: from cse.ogi.edu (crispin@dialup-09.cse.ogi.edu [129.95.49.9]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id RAA01325; Sun, 6 Jun 1999 17:45:32 -0700 (PDT) Message-ID: <375B0502.12432093@cse.ogi.edu> Date: Sun, 06 Jun 1999 16:32:19 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 CC: Chris Evans , securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Flo-copy: jerry To: snflhelb@rzmail.uni-erlangen.de Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Rik van Riel wrote: > On Sun, 6 Jun 1999, Chris Evans wrote: > > On Sun, 6 Jun 1999, Rik van Riel wrote: > > > > > The main things we'll discuss on the list will be things > > > like bug fixes, code fixups and generic security ideas that > > > are usable in all secure Linux distributions. > > > > Unless I'm mistaken, that's what goes on here. Surely list > > fragmentation is a bad idea? I don't see it as fragmentation. I see it as an attempt to unify an arena that is already badly fragmented. There are lots of groups working to enhance Linux security in one form or another, and yet none of them have anywhere near the critical mass of OpenBSD, which itself is a pretty small-time operation. If securedistros@nl.linux.org can achieve effective sharing of results, then that in itself is a very large contribution. > The security-audit list is for the improvement of programs. > The list I set up was meant as a list for the general > improvement of packages, the configuration of packages and > choosing which package to use for such a distribution. > > Unfortunately, I seem to have had a slight brain fart > when doing the above announcement -- the overlap with > security-audit wasn't planned :( The difference I perceive between securedistros and security-audit is that security-audit has focussed on fixing programs and packages, but has been ineffective in coming up with a complete distro of secured packages. The auditing has been ad hoc. Security-audit would be a much more valuable resource if there was a well-organized web site of: * comprehensive list of packages needing auditing * comprehensive list of audited packages, including o who audited it (a list of people) o what problems they found o fixed versions o information about whether the patches have been adopted by the package maintainer * bonus: an actual distro of all-audited packages Ideas like this have been discussed on security-audit before, but no one ever took the inititive to actually do it. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 02:54:38 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA15856 for securedistros-list; Mon, 7 Jun 1999 02:54:38 +0200 Received: from note.orchestra.cse.unsw.EDU.AU (root@note.orchestra.cse.unsw.EDU.AU [129.94.242.29]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id CAA15464; Mon, 7 Jun 1999 02:54:26 +0200 Received: From nile With LocalMail ; Mon, 7 Jun 99 10:53:51 +1000 From: Emmanuel Galanos To: Crispin Cowan , Rik van Riel Date: Mon, 7 Jun 1999 10:53:51 +1000 Message-ID: <19990607105351.D9410@cse.unsw.edu.au> Cc: Chris Evans , securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list References: <375B0502.12432093@cse.ogi.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <375B0502.12432093@cse.ogi.edu>; from Crispin Cowan on Sun, Jun 06, 1999 at 04:32:19PM -0700 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, Jun 06, 1999 at 04:32:19PM -0700, Crispin Cowan wrote: > Security-audit would be a much more valuable resource if there was a > well-organized web site of: > > * comprehensive list of packages needing auditing > * comprehensive list of audited packages, including > o who audited it (a list of people) > o what problems they found > o fixed versions > o information about whether the patches have been adopted by the > package maintainer I have been working on this, and the web site should be up in about 1-2 weeks time (with all those features you mentioned). I would hope that all of the secure distributions can use this to keep track of the status of various packages. eman - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 02:56:10 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA17782 for securedistros-list; Mon, 7 Jun 1999 02:56:10 +0200 Received: from rommel.stw.uni-erlangen.de (qmailr@mail.rommel.stw.uni-erlangen.de [131.188.24.4]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id CAA17676 for ; Mon, 7 Jun 1999 02:55:56 +0200 Received: (qmail 32742 invoked by uid 1001); 7 Jun 1999 00:55:52 -0000 MBOX-Line: From security-audit-return-2779-flo=rommel.stw.uni-erlangen.de@ferret.lmh.ox.ac.uk Mon Jun 07 00:55:52 1999 Delivered-To: flo@rommel.stw.uni-erlangen.de Received: (qmail 32734 invoked from network); 7 Jun 1999 00:55:52 -0000 Received: from faui45.informatik.uni-erlangen.de (root@131.188.2.45) by mail.rommel.stw.uni-erlangen.de with SMTP; 7 Jun 1999 00:55:52 -0000 Received: from ferret.lmh.ox.ac.uk (IDENT:qmailr@ferret.lmh.ox.ac.uk [163.1.138.204]) by faui45.informatik.uni-erlangen.de (8.9.1/8.1.49-FAU) with SMTP id CAA06804 for ; Mon, 7 Jun 1999 02:55:51 +0200 (MET DST) Received: (qmail 23087 invoked by uid 529); 7 Jun 1999 00:54:33 -0000 Mailing-List: contact security-audit-help@ferret.lmh.ox.ac.uk; run by ezmlm Delivered-To: mailing list security-audit@ferret.lmh.ox.ac.uk Received: (qmail 23079 invoked from network); 7 Jun 1999 00:54:32 -0000 Received: from note.orchestra.cse.unsw.edu.au (root@129.94.242.29) by ferret.lmh.ox.ac.uk with SMTP; 7 Jun 1999 00:54:32 -0000 Received: From nile With LocalMail ; Mon, 7 Jun 99 10:53:51 +1000 From: Emmanuel Galanos Date: Mon, 7 Jun 1999 10:53:51 +1000 Message-ID: <19990607105351.D9410@cse.unsw.edu.au> Cc: Chris Evans , securelinux@reseau.nl, bastille-linux@bastille-linux.org, kha0s-dev@kha0s.org, securedistros@nl.linux.org, security-audit@ferret.lmh.ox.ac.uk Subject: Re: Ann: common secure linux mailing list References: <375B0502.12432093@cse.ogi.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <375B0502.12432093@cse.ogi.edu>; from Crispin Cowan on Sun, Jun 06, 1999 at 04:32:19PM -0700 Flo-copy: jerry To: snflhelb@rzmail.uni-erlangen.de Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, Jun 06, 1999 at 04:32:19PM -0700, Crispin Cowan wrote: > Security-audit would be a much more valuable resource if there was a > well-organized web site of: > > * comprehensive list of packages needing auditing > * comprehensive list of audited packages, including > o who audited it (a list of people) > o what problems they found > o fixed versions > o information about whether the patches have been adopted by the > package maintainer I have been working on this, and the web site should be up in about 1-2 weeks time (with all those features you mentioned). I would hope that all of the secure distributions can use this to keep track of the status of various packages. eman - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 03:00:33 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id DAA26940 for securedistros-list; Mon, 7 Jun 1999 03:00:33 +0200 Received: from smtp.thegrid.net (smtp.thegrid.net [209.162.1.11]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id DAA26884 for ; Mon, 7 Jun 1999 03:00:22 +0200 Received: (qmail 5249 invoked from network); 7 Jun 1999 01:00:12 -0000 Received: from pop.thegrid.net (209.162.1.5) by smtp.thegrid.net with SMTP; 7 Jun 1999 01:00:12 -0000 Received: from El_Diablo (slo-ts1-h1-206-171.ispmodems.net [207.114.206.171]) by pop.thegrid.net (8.9.1a/8.9.1) with SMTP id SAA24517 for ; Sun, 6 Jun 1999 18:00:11 -0700 (PDT) Message-Id: <199906070100.SAA24517@pop.thegrid.net> X-Sender: i171665@mail.thegrid.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.2 Demo Date: Sun, 06 Jun 1999 18:00:21 -0700 To: securedistros@nl.linux.org From: Martin Morales Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org $ echo subscribe securedistros | mail majordomo@nl.linux.org Maritn R Morales The Grid Inc. http://www.thegrid.net dv8@thegrid.net pagemartin@thegrid.net 476-9144 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 03:12:41 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id DAA30600 for securedistros-list; Mon, 7 Jun 1999 03:12:41 +0200 Received: from hypnos.ddns.org (cgmd79240.chello.nl [212.83.79.240]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id DAA30527 for ; Mon, 7 Jun 1999 03:12:33 +0200 Received: from localhost (localhost [[UNIX: localhost]]) by hypnos.ddns.org (8.9.3/8.9.3) id DAA00469 for securedistros@nl.linux.org; Mon, 7 Jun 1999 03:12:59 +0200 From: fvw To: securedistros@nl.linux.org Subject: Re: Date: Mon, 7 Jun 1999 03:12:03 +0200 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain References: <199906070100.SAA24517@pop.thegrid.net> MIME-Version: 1.0 Message-Id: <99060703125900.00465@Hypnos.ddns.org> Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I think you slightly missed the idea: You should just enter "echo subscribe securedistros | mail majordomo@nl.linux.org" at the prompt, not send it to the mailinglist address... :-) On Mon, 07 Jun 1999, Martin Morales wrote: > $ echo subscribe securedistros | mail majordomo@nl.linux.org > > Maritn R Morales > The Grid Inc. > http://www.thegrid.net > dv8@thegrid.net > pagemartin@thegrid.net > 476-9144 > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ -- Frank v Waveren fvw@chello.nl ICQ# 10074100 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 03:56:27 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id DAA31601 for securedistros-list; Mon, 7 Jun 1999 03:56:27 +0200 Received: from jackstraw.syr.edu (IDENT:root@sudial0606-102.syr.edu [128.230.151.102]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id DAA31482 for ; Mon, 7 Jun 1999 03:56:18 +0200 Received: from calvert.syr.edu (calvert [192.168.4.69]) by jackstraw.syr.edu (8.9.3/8.9.3) with SMTP id VAA08073 for ; Sun, 6 Jun 1999 21:57:47 -0400 From: Douglas Elznic To: securedistros@nl.linux.org Subject: Re: Date: Sun, 6 Jun 1999 21:56:22 -0400 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain References: <99060703125900.00465@Hypnos.ddns.org> MIME-Version: 1.0 Message-Id: <99060621572300.01187@calvert.syr.edu> Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 06 Jun 1999, you wrote: > I think you slightly missed the idea: You should just enter > "echo subscribe securedistros | mail majordomo@nl.linux.org" at the > prompt, not send it to the mailinglist address... > > :-) > Nope he missed the OS: X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.2 Demo :-) Windows people... will they ever think? - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:10:13 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA26968 for securedistros-list; Mon, 7 Jun 1999 04:10:13 +0200 Received: from pez.hyperreal.org (pez.hyperreal.org [207.181.224.6]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA26924 for ; Mon, 7 Jun 1999 04:10:02 +0200 Received: (qmail 24485 invoked by uid 4000); 7 Jun 1999 02:11:59 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 7 Jun 1999 02:11:59 -0000 Date: Sun, 6 Jun 1999 19:11:59 -0700 (PDT) From: Brian Behlendorf To: securedistros@nl.linux.org Subject: Security auditing of Linux and other OSS software Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi. Apologies in advance if this seems inappropriate to this list. As some of you might know, we at O'Reilly and Associates are putting together a site called sourceXchange (www.sourcexchange.com) to simplify the funding of projects in the Open Source software space. One of the potential sponsors for projects on the site has expressed an interest in funding a series of projects to enhance the overall security of network software, mostly through audits of the most commonly-used code or, where necessary, implementations of new functionality. This isn't specifically about Linux, but I'd imagine most of the projects would be related to it. So when someone here mentioned "wish lists", this got me thinking... this sponsor needs someone to work with them to come up with a list of specific projects that need to be accomplished, and for which some funding could help. I *think* we're talking about maybe 6-8 projects, each of which should be 2 weeks - 3 months worth of work, and for which there'll be money to pay the various developers working on these tasks through the sXc. I myself am way overcommitted with other things to do the work to come up with this list, but I am hoping that someone out there might be willing to fill this (paid) planning role. It's got to be someone who's already very familiar with all the current auditing projects, knows something about how to audit code and what the "missing pieces" might be, etc. So if anyone out there is a consultant or would be willing to play a consultant on this task, please let me know (privately). The funds are there, and I think the developers are there - it's coming up with the road map that's the challenge. Thanks. Brian p.s. - I'm *really* glad to see this happen; I'm also hoping that the security features in these "secure distros" make their way into the more mainstream distros too. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:24:10 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA05676 for securedistros-list; Mon, 7 Jun 1999 04:24:10 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA05322 for ; Mon, 7 Jun 1999 04:23:56 +0200 Received: (qmail 25252 invoked from network); 7 Jun 1999 02:24:30 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 02:24:30 -0000 Date: Sun, 6 Jun 1999 23:24:30 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Or even better... toss away inetd and start off with a more secure daemon, like xinetd. Cristiano Lincoln Mattos Recife / Brazil On Mon, 7 Jun 1999, Pere Camps wrote: > Hi! > > How about a simple thing as having all the services in inetd > commented out or a ALL:ALL in /etc/hosts.deny from the right begining of > the installation? > > -- p. > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:25:42 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA07728 for securedistros-list; Mon, 7 Jun 1999 04:25:42 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA07432 for ; Mon, 7 Jun 1999 04:25:28 +0200 Received: (qmail 25565 invoked from network); 7 Jun 1999 02:26:04 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 02:26:04 -0000 Date: Sun, 6 Jun 1999 23:26:03 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On 6 Jun 1999, Brandon Craig Rhodes wrote: > Off the top of my head (and some (perhaps all, for all I know) of > these wishes have already appeared elsewhere): > o MD5 shadow passwords by default. Hi, What is the advantage of MD5 shadow passwords, over normal UNIX crypt()? Cristiano Lincoln Mattos Recife / Brazil - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:27:05 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA08800 for securedistros-list; Mon, 7 Jun 1999 04:27:05 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA08603 for ; Mon, 7 Jun 1999 04:26:53 +0200 Received: (qmail 25790 invoked from network); 7 Jun 1999 02:27:27 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 02:27:27 -0000 Date: Sun, 6 Jun 1999 23:27:27 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <199906062249.PAA06534@geezer.earthlink.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, Some versions of ping (i dont know if they are the latest) had a problem where, by sending a series of signals to a ping process, you could duplicate the -f behaviour... Cristiano Lincoln Mattos Recife / Brazil On Sun, 6 Jun 1999, Bay Ghandhi wrote: > I don't see anything wrong with these being available to local users. Only > root can ping -f . - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:28:07 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA09287 for securedistros-list; Mon, 7 Jun 1999 04:28:07 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA09069 for ; Mon, 7 Jun 1999 04:27:34 +0200 Received: (qmail 25896 invoked from network); 7 Jun 1999 02:28:10 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 02:28:10 -0000 Date: Sun, 6 Jun 1999 23:28:09 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org cc: securedistros@mirkwood.nl.linux.org Subject: Re: wish list In-Reply-To: <199906062259.PAA20148@geezer.earthlink.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org If the packaging used RPM, integrity checking could be used, with -V option.. Cristiano Lincoln Mattos Recife / Brazil On Sun, 6 Jun 1999, Bay Ghandhi wrote: > I would like a daily security script that would check system configs for > changes, check file perms, s[ug]id programs, etc. I'm hacking together a > port of the OpenBSD over to RedHat.. I don't know if such things exist > already. > > -- > > > Bay Ghandhi > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Email: bghandhi@earthlink.net > IRC: DrDev (EFnet - #LinuxLounge) > PGP: 1024/52061815 > Fingerprint: AA 20 2E D1 2C 0D 67 F8 C4 20 78 6C 3E 30 1F 5E > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:28:13 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA09335 for securedistros-list; Mon, 7 Jun 1999 04:28:13 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA09104 for ; Mon, 7 Jun 1999 04:27:38 +0200 Received: (qmail 25896 invoked from network); 7 Jun 1999 02:28:10 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 02:28:10 -0000 Date: Sun, 6 Jun 1999 23:28:09 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org cc: securedistros@mirkwood.nl.linux.org Subject: Re: wish list In-Reply-To: <199906062259.PAA20148@geezer.earthlink.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org If the packaging used RPM, integrity checking could be used, with -V option.. Cristiano Lincoln Mattos Recife / Brazil On Sun, 6 Jun 1999, Bay Ghandhi wrote: > I would like a daily security script that would check system configs for > changes, check file perms, s[ug]id programs, etc. I'm hacking together a > port of the OpenBSD over to RedHat.. I don't know if such things exist > already. > > -- > > > Bay Ghandhi > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Email: bghandhi@earthlink.net > IRC: DrDev (EFnet - #LinuxLounge) > PGP: 1024/52061815 > Fingerprint: AA 20 2E D1 2C 0D 67 F8 C4 20 78 6C 3E 30 1F 5E > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:28:56 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA09552 for securedistros-list; Mon, 7 Jun 1999 04:28:56 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA09471 for ; Mon, 7 Jun 1999 04:28:36 +0200 Received: (qmail 26097 invoked from network); 7 Jun 1999 02:29:11 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 02:29:11 -0000 Date: Sun, 6 Jun 1999 23:29:11 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org Subject: wish list Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Process accounting turned on by default would be nice. Cristiano Lincoln Mattos Recife / Brazil - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:31:37 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA10663 for securedistros-list; Mon, 7 Jun 1999 04:31:33 +0200 Received: from ms.sia.ac.cn ([159.226.132.130]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id EAA10392 for ; Mon, 7 Jun 1999 04:31:12 +0200 Received: from kking (192.168.0.228) by ms.sia.ac.cn (EMWAC SMTPRS 0.81) with SMTP id ; Mon, 07 Jun 1999 10:30:52 +0800 Message-ID: <001b01beb08d$c411a2c0$e400a8c0@kking.sia.ac.cn> From: "kking" To: Subject: Re: Date: Mon, 7 Jun 1999 10:30:53 +0800 MIME-Version: 1.0 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org >On Sun, 06 Jun 1999, you wrote: >> I think you slightly missed the idea: You should just enter >> "echo subscribe securedistros | mail majordomo@nl.linux.org" at the >> prompt, not send it to the mailinglist address... >> >> :-) >> >Nope he missed the OS: >X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.2 Demo >:-) >Windows people... will they ever think? I'm a win user.:-( but I did think.:-) >- >Securedistros: A common list for all secured Linux distributions >Archive: http://humbolt.nl.linux.org/lists/ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 04:33:37 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id EAA11390 for securedistros-list; Mon, 7 Jun 1999 04:32:49 +0200 Received: from alcove.wittsend.com (IDENT:root@alcove.wittsend.com [130.205.0.20]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id EAA11254 for ; Mon, 7 Jun 1999 04:32:27 +0200 Received: (from mhw@localhost) by alcove.wittsend.com (8.9.3/8.9.3) id WAA04802 for securedistros@nl.linux.org; Sun, 6 Jun 1999 22:32:24 -0400 From: "Michael H. Warfield" Message-Id: <199906070232.WAA04802@alcove.wittsend.com> Subject: Re: wish list In-Reply-To: from Cristiano Lincoln Mattos at "Jun 6, 1999 11:26:03 pm" To: securedistros@nl.linux.org Date: Sun, 6 Jun 1999 22:32:24 -0400 (EDT) X-Mailer: ELM [version 2.4ME+ PL56 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Cristiano Lincoln Mattos enscribed thusly: > On 6 Jun 1999, Brandon Craig Rhodes wrote: > > Off the top of my head (and some (perhaps all, for all I know) of > > these wishes have already appeared elsewhere): > > o MD5 shadow passwords by default. > Hi, > What is the advantage of MD5 shadow passwords, over normal > UNIX crypt()? At the very least... Long passwords... The use of UNIX crypt, which uses DES to create a hash function, limits passwords to 8 characters in standard form or 16 characters in an expanded form that was available in the original shadow password suite. MD5 hashes allow for larger passwords without giving away hints to the password length. Some would also argue that MD5 hashes are harder to brute force than DES passwords. I'm not totally sure that's a valid claim or, even if it was, that it's significant enough to warent MD5 over DES. One thing is for sure, DES (aka Unix crypt) offers nothing over MD5 with the possible exception of password file portability. (But we are talking SECURE distributions here - right?) > Cristiano Lincoln Mattos Recife / Brazil Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 05:12:18 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id FAA18375 for securedistros-list; Mon, 7 Jun 1999 05:12:18 +0200 Received: from jackstraw.syr.edu (IDENT:root@sudial0906-153.syr.edu [128.230.151.153]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id FAA18266 for ; Mon, 7 Jun 1999 05:12:09 +0200 Received: from calvert.syr.edu (calvert [192.168.4.69]) by jackstraw.syr.edu (8.9.3/8.9.3) with SMTP id XAA08227 for ; Sun, 6 Jun 1999 23:13:40 -0400 From: Douglas Elznic To: securedistros@nl.linux.org Subject: Re: Date: Sun, 6 Jun 1999 23:12:52 -0400 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain References: <001b01beb08d$c411a2c0$e400a8c0@kking.sia.ac.cn> MIME-Version: 1.0 Message-Id: <99060623131601.01187@calvert.syr.edu> Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 06 Jun 1999, you wrote: > >Nope he missed the OS: > >X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.2 Demo > >:-) > >Windows people... will they ever think? > > I'm a win user.:-( but I did think.:-) Just a little joke. No hard feelings - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 05:14:36 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id FAA23242 for securedistros-list; Mon, 7 Jun 1999 05:14:36 +0200 Received: from grebe.prod.itd.earthlink.net (grebe.prod.itd.earthlink.net [207.217.120.100]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id FAA23134 for ; Mon, 7 Jun 1999 05:14:28 +0200 Received: from geezer.earthlink.net (pool025-max8.ds23-ca-us.dialup.earthlink.net [209.179.26.25]) by grebe.prod.itd.earthlink.net (8.9.3/8.9.3) with ESMTP id UAA07619 for ; Sun, 6 Jun 1999 20:14:22 -0700 (PDT) Received: (from bghandhi@localhost) by geezer.earthlink.net (8.9.3/8.9.3) id UAA17640; Sun, 6 Jun 1999 20:18:19 -0700 (PDT) Date: Sun, 6 Jun 1999 20:18:19 -0700 (PDT) Message-Id: <199906070318.UAA17640@geezer.earthlink.net> From: Bay Ghandhi To: securedistros@nl.linux.org In-reply-to: <199906070232.WAA04802@alcove.wittsend.com> (mhw@wittsend.com) Subject: Re: wish list References: <199906070232.WAA04802@alcove.wittsend.com> Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > that it's significant enough to warent MD5 over DES. One thing is for sure, > DES (aka Unix crypt) offers nothing over MD5 with the possible exception of > password file portability. (But we are talking SECURE distributions here - > right?) > Why not use Blowfish? From the man page: DESCRIPTION Blowfish is a fast unpatented block cipher designed by Bruce Schneier. It basically consists of a 16 times iterated Feistel network. The block size is 64 bit and the key size is maximal 448 bit. Problem with "strong crypto" is screwy US laws mean no exports of it from the US, but I presume this distro is going to originate elsewhere? -- Bay Ghandhi ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Email: bghandhi@earthlink.net IRC: DrDev (EFnet - #LinuxLounge) PGP: 1024/52061815 Fingerprint: AA 20 2E D1 2C 0D 67 F8 C4 20 78 6C 3E 30 1F 5E ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 05:18:55 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id FAA02527 for securedistros-list; Mon, 7 Jun 1999 05:18:55 +0200 Received: from Nathan.ADHosting.Com (root@cx546345-a.chnd1.az.home.com [24.1.218.110]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id FAA02441 for ; Mon, 7 Jun 1999 05:18:48 +0200 Received: from localhost (nathan@localhost) by Nathan.ADHosting.Com (8.9.1/8.9.1) with ESMTP id UAA11069 for ; Sun, 6 Jun 1999 20:23:09 -0700 Date: Sun, 6 Jun 1999 20:23:09 -0700 (MST) From: Nathan Staab To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <199906070232.WAA04802@alcove.wittsend.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org my wish list item is that if we could possibly use secure telnet and sshd, so either way our communications between us and the server we are connected to are encrypted. that way any passwords or anyone sniffing the network would not get the passwords to anyone logging into that server. the only downside is that you have to generate your own certificate using the ssleay package(or whatever it may be called now).. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 05:22:37 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id FAA11155 for securedistros-list; Mon, 7 Jun 1999 05:22:37 +0200 Received: from jackstraw.syr.edu (IDENT:root@sudial0906-153.syr.edu [128.230.151.153]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id FAA10700 for ; Mon, 7 Jun 1999 05:22:23 +0200 Received: from calvert.syr.edu (calvert [192.168.4.69]) by jackstraw.syr.edu (8.9.3/8.9.3) with SMTP id XAA08242 for ; Sun, 6 Jun 1999 23:23:43 -0400 From: Douglas Elznic To: securedistros@nl.linux.org Subject: Re: wish list Date: Sun, 6 Jun 1999 23:22:52 -0400 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain References: <199906070318.UAA17640@geezer.earthlink.net> MIME-Version: 1.0 Message-Id: <99060623231903.01187@calvert.syr.edu> Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 06 Jun 1999, you wrote: > > Why not use Blowfish? From the man page: > > DESCRIPTION > Blowfish is a fast unpatented block cipher designed by Bruce Schneier. > It basically consists of a 16 times iterated Feistel network. The block > size is 64 bit and the key size is maximal 448 bit. > > Problem with "strong crypto" is screwy US laws mean no exports of it from > the US, but I presume this distro is going to originate elsewhere? > OpenBSD touts this as one of thier strong points.... - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 06:30:28 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id GAA14395 for securedistros-list; Mon, 7 Jun 1999 06:30:28 +0200 Received: from pneumatic-tube.sgi.com (pneumatic-tube.sgi.com [204.94.214.22]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id GAA14314 for ; Mon, 7 Jun 1999 06:30:18 +0200 Received: from nodin.corp.sgi.com (nodin.corp.sgi.com [192.26.51.193]) by pneumatic-tube.sgi.com (980309.SGI.8.8.8-aspam-6.2/980310.SGI-aspam) via ESMTP id VAA932914 for <@external-mail-relay.sgi.com:securedistros@nl.linux.org>; Sun, 6 Jun 1999 21:30:10 -0700 (PDT) mail_from (raju@bhairavi.newdelhi.sgi.com) Received: from sgindia.newdelhi.sgi.com (newdelhi.sgi.com [134.14.90.2]) by nodin.corp.sgi.com (980427.SGI.8.8.8/980728.SGI.AUTOCF) via ESMTP id VAA13283 for <@relay.sgi.com:securedistros@nl.linux.org>; Sun, 6 Jun 1999 21:30:06 -0700 (PDT) Received: from bhairavi.newdelhi.sgi.com (bhairavi.newdelhi.sgi.com [134.14.90.52]) by sgindia.newdelhi.sgi.com (980427.SGI.8.8.8/970903.SGI.AUTOCF) via ESMTP id JAA69531 for ; Mon, 7 Jun 1999 09:58:50 +0530 (IST) Received: (from raju@localhost) by bhairavi.newdelhi.sgi.com (8.9.3/8.9.3) id JAA06705; Mon, 7 Jun 1999 09:46:30 +0530 (IST) Date: Mon, 7 Jun 1999 09:46:30 +0530 (IST) Message-Id: <199906070416.JAA06705@bhairavi.newdelhi.sgi.com> From: Raj Mathur To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: References: <199906070232.WAA04802@alcove.wittsend.com> X-Mailer: VM 6.31 under 20.2 XEmacs Lucid Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Some thoughts on the secure communications front: SSL Telnet => replaces telnet. Does SSL Telnet have a fallback to regular telnet if the remote client/server doesn't support it? SSH => replaces rlogin, rsh. Ssh falls back to rsh. Apache + SSLeay => replaces regular Apache. SSLeay (and in fact any SSL implementation) is a CPU hog when handling secure connections, but all we're going to use it for is changing passwords through a web page, right? ;-) There're hardware SSL encryption cards available, but not general enough yet. Mail: Hmm, this is an interesting one. Enough people use enough different types of clients to make enforcing a standard mail client difficult, if not impossible. And though this will be a distribution by itself, I personallyt wouldn't be too happy if it didn't allow me to use, e.g. Xemacvs+VM for my mailing. One solution is to enable certificate-oriented encryption for e-mail. I'm sure that the OpenLDAP can be hacked (if it hasn't already been done) to store and serve certificates, and then any mail client which can talk LDAP (and the number of these is growing) and to a certificate server can use PGP, GnuPG or another external package to do the encryption. We/I need to do some brainstorming and formalise this. Regards, -- Raju >>>>> "Nathan" == Nathan Staab writes: Nathan> my wish list item is that if we could possibly use secure Nathan> telnet and sshd, so either way our communications between Nathan> us and the server we are connected to are encrypted. that Nathan> way any passwords or anyone sniffing the network would not Nathan> get the passwords to anyone logging into that server. the Nathan> only downside is that you have to generate your own Nathan> certificate using the ssleay package(or whatever it may be Nathan> called now).. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 06:42:13 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id GAA18757 for securedistros-list; Mon, 7 Jun 1999 06:42:13 +0200 Received: from postino1.prima.com.ar (postino1.prima.com.ar [200.42.0.132]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id GAA18666 for ; Mon, 7 Jun 1999 06:41:56 +0200 Received: from richi.bombi.net (host028235.ciudad.com.ar [200.42.28.235]) by postino1.prima.com.ar (8.9.1a/8.9.1) with ESMTP id BAA10777; Mon, 7 Jun 1999 01:40:35 -0300 (ART) Received: (from riq@localhost) by richi.bombi.net (8.9.3/8.9.3/Debian/GNU) id BAA00648; Mon, 7 Jun 1999 01:47:56 -0300 Date: Mon, 7 Jun 1999 01:47:55 -0300 From: riq To: securedistros@nl.linux.org Cc: securedistros@mirkwood.nl.linux.org Subject: Re: wish list Message-ID: <19990607014755.A625@richi.bombi.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: ; from Rik van Riel on Mon, Jun 07, 1999 at 12:14:10AM +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, Jun 07, 1999 at 12:14:10AM +0200, Rik van Riel wrote: > Hi, > > I guess a good start for a list like this would be to > compose a wish list of features people would like to > see in a secure Linux distribution. I would like a linux distro with IPSec. There is a port of IPSEC for kernel 2.0 at: http://www.xs4all.nl/~freeswan and I think a secure distro must have it. riq. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 06:42:21 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id GAA18789 for securedistros-list; Mon, 7 Jun 1999 06:42:21 +0200 Received: from postino1.prima.com.ar (postino1.prima.com.ar [200.42.0.132]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id GAA18705 for ; Mon, 7 Jun 1999 06:42:01 +0200 Received: from richi.bombi.net (host028235.ciudad.com.ar [200.42.28.235]) by postino1.prima.com.ar (8.9.1a/8.9.1) with ESMTP id BAA10777; Mon, 7 Jun 1999 01:40:35 -0300 (ART) Received: (from riq@localhost) by richi.bombi.net (8.9.3/8.9.3/Debian/GNU) id BAA00648; Mon, 7 Jun 1999 01:47:56 -0300 Date: Mon, 7 Jun 1999 01:47:55 -0300 From: riq To: securedistros@nl.linux.org Cc: securedistros@mirkwood.nl.linux.org Subject: Re: wish list Message-ID: <19990607014755.A625@richi.bombi.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: ; from Rik van Riel on Mon, Jun 07, 1999 at 12:14:10AM +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, Jun 07, 1999 at 12:14:10AM +0200, Rik van Riel wrote: > Hi, > > I guess a good start for a list like this would be to > compose a wish list of features people would like to > see in a secure Linux distribution. I would like a linux distro with IPSec. There is a port of IPSEC for kernel 2.0 at: http://www.xs4all.nl/~freeswan and I think a secure distro must have it. riq. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 06:45:39 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id GAA23149 for securedistros-list; Mon, 7 Jun 1999 06:45:39 +0200 Received: from elephant.mail.ru (elephant.mail.ru [194.226.198.85]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id GAA23064 for ; Mon, 7 Jun 1999 06:45:30 +0200 Received: from camel-int ([10.0.1.1] helo=camel.mail.ru) by elephant.mail.ru with esmtp (Exim 2.12 #1) id 10qrHj-0004F0-00 for securedistros@nl.linux.org; Mon, 7 Jun 1999 08:45:19 +0400 Received: from dialup-uas-103.vrn.ru (dialup-uas-103.vrn.ru [195.98.95.103]) by camel.mail.ru (8.9.1+mPOP/8.9.1) with SMTP id IAA01744 for ; Mon, 7 Jun 1999 08:45:13 +0400 (MSD) Date: Mon, 7 Jun 1999 08:46:22 +0400 From: CrazyMaX X-Mailer: The Bat! (v1.31) S/N B2B97075 Organization: //UCLabs //CW X-Priority: 3 (Normal) Message-ID: <10365.990607@mail.ru> To: securedistros@nl.linux.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org $ echo subscribe securedistros | mail max@mmedia.voronezh.ru - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 07:01:06 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id HAA05339 for securedistros-list; Mon, 7 Jun 1999 07:01:06 +0200 Received: from Nathan.ADHosting.Com (root@cx546345-a.chnd1.az.home.com [24.1.218.110]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id HAA05238 for ; Mon, 7 Jun 1999 07:00:58 +0200 Received: from localhost (nathan@localhost) by Nathan.ADHosting.Com (8.9.1/8.9.1) with ESMTP id WAA11215 for ; Sun, 6 Jun 1999 22:05:20 -0700 Date: Sun, 6 Jun 1999 22:05:20 -0700 (MST) From: Nathan Staab To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <199906070416.JAA06705@bhairavi.newdelhi.sgi.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org no the Secure telnet thing is just a telnet daemon run in inetd.. the same way as the regular telnet would be, and theres no "fallback" its the real telnet daemon with random encrypted key generation built in. it looks sorta like this Trying xxx.xxx.xx.x... Connected to xxxx.xxxxx.xxx. Escape character is '^]'. Generating (512 bit) RSA key ... Generation of (512 bit) RSA key done Assigned (512 bit) RSA key Red Hat Linux release 5.2 (Manhattan) Kernel 2.2.5 on an i586 UserName: ^^ it just uses SSleay to make the "certificate" that it uses to make random keys.. nothing else you can change the password of the shell by execing passwd from the prompt. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 07:10:53 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id HAA01545 for securedistros-list; Mon, 7 Jun 1999 07:10:53 +0200 Received: from ausmac.net (IDENT:root@ausmac.net [203.25.224.5]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id HAA01381 for ; Mon, 7 Jun 1999 07:10:44 +0200 Received: from localhost (gbayley@localhost) by ausmac.net (8.8.7/8.8.7) with ESMTP id QAA17809 for ; Mon, 7 Jun 1999 16:15:39 +1000 Date: Mon, 7 Jun 1999 16:15:29 +1000 (EST) From: Grant Bayley To: securedistros@nl.linux.org Subject: Digest version? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Quick question folks: Is a digest version of this list available? I love a high-volume list as much as the next guy, but having it all in one message for the day is quite convenient for storage and reference. Thanks in advance for any info, Grant _______________________________________________________ Grant Bayley gbayley@ausmac.net - - IT Administrator, Batey Kazoo (www.kazoo.com.au) - - Administrator, The AusMac Archive (www.ausmac.net) - - Webmaster/Organiser, 2600 Australia (www.2600.org.au) _______________________________________________________ -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBN1tjifl1o8K+EBwPEQK6kACgkuo9QQTmH3TbyDVqMkwNKtz24j4An1qw wPHoGVpA2efxKX8oza74gh6e =W9K5 -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 07:15:23 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id HAA13634 for securedistros-list; Mon, 7 Jun 1999 07:15:23 +0200 Received: from griffin.printsoft.com.au (pri11116-1.gw.connect.com.au [203.63.74.20]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id HAA13433 for ; Mon, 7 Jun 1999 07:15:12 +0200 Received: (qmail 31522 invoked from network); 7 Jun 1999 05:15:08 -0000 Received: from softdnserror (HELO exchange.mel.printsoft.com.au) (192.168.4.9) by softdnserror with SMTP; 7 Jun 1999 05:15:08 -0000 Received: from printsoft.com.au (BEN.mel.printsoft.com.au [192.168.4.15]) by exchange.mel.printsoft.com.au with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2232.9) id L23HP7LL; Mon, 7 Jun 1999 15:16:15 +1000 Message-ID: <375B55EF.505110F7@printsoft.com.au> Date: Mon, 07 Jun 1999 15:17:35 +1000 From: Ben Finney Organization: PrintSoft Pty Ltd X-Mailer: Mozilla 4.6 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: Digest version? References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Grant Bayley wrote: > Is a digest version of this list available? > I love a high-volume list as much as the next guy I'm the next guy, and I don't much like high volume lists unless I can get 'em in digest form :-) I've emailed the owner only a minute ago asking this very question. -- Regards, Ben Finney, System Administrator PrintSoft Pty Ltd - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 07:29:28 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id HAA27730 for securedistros-list; Mon, 7 Jun 1999 07:29:28 +0200 Received: from finch-post-10.mail.demon.net (finch-post-10.mail.demon.net [194.217.242.38]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id HAA27691 for ; Mon, 7 Jun 1999 07:29:21 +0200 Received: from [194.222.156.169] (helo=notatla.demon.co.uk) by finch-post-10.mail.demon.net with esmtp (Exim 2.12 #1) id 10qryH-000AI2-0A for securedistros@nl.linux.org; Mon, 7 Jun 1999 05:29:18 +0000 Received: (from ant@localhost) by notatla.demon.co.uk (noyb/noyb) id GAA06277 for securedistros@nl.linux.org; Mon, 7 Jun 1999 06:25:14 +0100 Date: Mon, 7 Jun 1999 06:25:14 +0100 From: Antonomasia Message-Id: <199906070525.GAA06277@notatla.demon.co.uk> To: securedistros@nl.linux.org Subject: Re: wish list (3 replies digestified) Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org From: Bay Ghandhi > Why not use Blowfish? [for passwords rather than DES or MD5] Blowfish is an encryption algorithm and MD5 is a hash function. A hash function is what local password checking calls for. From: Brandon Craig Rhodes > o Uses postfix by default instead of sendmail. IBM's current licence prevents this. It may improve. From: Nathan Staab > possibly instead of commenting out the things in /etc/inetd.conf to keep > the machine functional.. have a firewall script that utilizes ipchains or > something alike to deny services from to the outside world. But you won't know in advance what is the outside world to my network. Better to leave the services turned off by default. -- ############################################################## # Antonomasia ant@notatla.demon.co.uk # # See http://www.notatla.demon.co.uk/ # ############################################################## - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 09:40:40 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id JAA17035 for securedistros-list; Mon, 7 Jun 1999 09:40:40 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id JAA16928 for ; Mon, 7 Jun 1999 09:40:04 +0200 Received: from cse.ogi.edu (crispin@dialup-07.cse.ogi.edu [129.95.49.7]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id AAA21489 for ; Mon, 7 Jun 1999 00:39:57 -0700 (PDT) Message-ID: <375B430A.40A9811@cse.ogi.edu> Date: Sun, 06 Jun 1999 20:56:58 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list References: <199906070232.WAA04802@alcove.wittsend.com> <199906070318.UAA17640@geezer.earthlink.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Bay Ghandhi wrote: > Problem with "strong crypto" is screwy US laws mean no exports of it from > the US, That is definitely a problem. > but I presume this distro is going to originate elsewhere? That is a non-sequetor. There is no "this distro"; "securedistro" is for sharing information among several "secure Linux" projects which have, for a variety of reasons, chosen not to merge. Some are US-based, some are not. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 09:46:37 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id JAA18524 for securedistros-list; Mon, 7 Jun 1999 09:45:52 +0200 Received: from localhost (riel@localhost) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id JAA18434 for ; Mon, 7 Jun 1999 09:45:24 +0200 Date: Mon, 7 Jun 1999 09:45:23 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: digest Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, I have created a (hopefully working) digest version of this list: securedistros-digest@nl.linux.org You can subscribe in the usual way: $ echo subscribe securedistros-digest | mail majordomo@nl.linux.org cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 10:07:32 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA05083 for securedistros-list; Mon, 7 Jun 1999 10:07:32 +0200 Received: from linux01.gwdg.de (root@linux01.gwdg.de [134.76.13.21]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id KAA05021 for ; Mon, 7 Jun 1999 10:07:23 +0200 Received: from localhost (sfaller@localhost) by linux01.gwdg.de (8.9.3/8.9.3) with ESMTP id KAA02934 for ; Mon, 7 Jun 1999 10:07:32 +0200 Date: Mon, 7 Jun 1999 10:07:32 +0200 (MEST) From: Sebastian Fallert To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, even if I might be rephrasing other people's 2cents by the following I think it's important. I would appreciate the following in a secure distro: - An install tool which offers the installation of sophisticated package schemes that go along with certain config options (like starting daemons, ipchains config etc.). What I have in mind is a menu which offers you a selection in a range from 'Open to the world' to 'Completely locked up'. I believe Redhat does have something like this but I've never seen a really handy and easy to overlook approach to this. - A tool which uses regexes to analyse Logfiles. I'm sure this exists even in connection with the usual distros but without regexes which have proven to be useful. I think it's important also a common user can always overlook what's going on in his logfiles w/o having to browse through k's of lines. Cheers, -Sebastian - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 10:08:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA05659 for securedistros-list; Mon, 7 Jun 1999 10:08:45 +0200 Received: from localhost (riel@localhost) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id KAA05508 for ; Mon, 7 Jun 1999 10:08:13 +0200 Date: Mon, 7 Jun 1999 10:08:12 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <375B430A.40A9811@cse.ogi.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 6 Jun 1999, Crispin Cowan wrote: > Bay Ghandhi wrote: > > > Problem with "strong crypto" is screwy US laws mean no exports of it from > > the US, > > That is definitely a problem. Not really. At least one of the distributions is hosted in the Netherlands, besides, it's not forbidden to export strong crypto in source form... > > but I presume this distro is going to originate elsewhere? > > That is a non-sequetor. There is no "this distro"; "securedistro" is > for sharing information among several "secure Linux" projects which > have, for a variety of reasons, chosen not to merge. Some are > US-based, some are not. I think we can put all strong crypto packages on a non-US site. Working together is not just in general design plans and technical stuff -- we can also use it to get around stupid legislation :) cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 10:17:57 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA26393 for securedistros-list; Mon, 7 Jun 1999 10:17:57 +0200 Received: from big.hrz.fh-zwickau.de (big.hrz.fh-zwickau.de [141.32.46.65]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id KAA26340 for ; Mon, 7 Jun 1999 10:17:50 +0200 Received: (qmail 29672 invoked from network); 7 Jun 1999 08:17:41 -0000 Received: from big1.hrz.fh-zwickau.de (HELO big1) (din@141.32.46.66) by big.hrz.fh-zwickau.de with SMTP; 7 Jun 1999 08:17:41 -0000 Date: Mon, 7 Jun 1999 10:17:41 +0200 (MET DST) From: Carsten Dinkelmann X-Sender: din@big1 To: securedistros@humbolt.nl.linux.org Subject: auth 7d52f63b subscribe securedistros din@zlug.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org auth 7d52f63b subscribe securedistros din@zlug.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 10:22:55 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA01000 for securedistros-list; Mon, 7 Jun 1999 10:22:55 +0200 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA00917; Mon, 7 Jun 1999 10:22:45 +0200 Date: Mon, 7 Jun 1999 10:22:45 +0200 Message-Id: <199906070822.KAA00917@nl.linux.org> To: securedistros@nl.linux.org From: Majordomo@humbolt.nl.linux.org Subject: Majordomo results: auth 7d52f63b subscribe securedistros di Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -- >>>> auth 7d52f63b subscribe securedistros din@zlug.org Succeeded. >>>> >>>> - END OF COMMANDS - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 10:25:00 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA03096 for securedistros-list; Mon, 7 Jun 1999 10:25:00 +0200 Received: from pneumatic-tube.sgi.com (pneumatic-tube.sgi.com [204.94.214.22]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id KAA02984 for ; Mon, 7 Jun 1999 10:24:49 +0200 Received: from nodin.corp.sgi.com (nodin.corp.sgi.com [192.26.51.193]) by pneumatic-tube.sgi.com (980309.SGI.8.8.8-aspam-6.2/980310.SGI-aspam) via ESMTP id BAA953961 for <@external-mail-relay.sgi.com:securedistros@nl.linux.org>; Mon, 7 Jun 1999 01:24:45 -0700 (PDT) mail_from (raju@bhairavi.newdelhi.sgi.com) Received: from sgindia.newdelhi.sgi.com (newdelhi.sgi.com [134.14.90.2]) by nodin.corp.sgi.com (980427.SGI.8.8.8/980728.SGI.AUTOCF) via ESMTP id BAA24083 for <@relay.sgi.com:securedistros@nl.linux.org>; Mon, 7 Jun 1999 01:24:41 -0700 (PDT) Received: from bhairavi.newdelhi.sgi.com (bhairavi.newdelhi.sgi.com [134.14.90.52]) by sgindia.newdelhi.sgi.com (980427.SGI.8.8.8/970903.SGI.AUTOCF) via ESMTP id NAA73302 for ; Mon, 7 Jun 1999 13:53:24 +0530 (IST) Received: (from raju@localhost) by bhairavi.newdelhi.sgi.com (8.9.3/8.9.3) id NAA08422 for securedistros@nl.linux.org; Mon, 7 Jun 1999 13:41:06 +0530 (IST) Message-Id: <199906070822.KAA00917@nl.linux.org> From: Majordomo@humbolt.nl.linux.org To: securedistros@nl.linux.org Subject: Majordomo results: auth 7d52f63b subscribe securedistros di Date: Mon, 7 Jun 1999 10:22:45 +0200 Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org :-) -- >>>> auth 7d52f63b subscribe securedistros din@zlug.org Succeeded. >>>> >>>> - END OF COMMANDS - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 11:00:09 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA31249 for securedistros-list; Mon, 7 Jun 1999 11:00:09 +0200 Received: from 3jane.drp.fmph.uniba.sk (root@3jane.drp.fmph.uniba.sk [158.195.19.24]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id KAA31200 for ; Mon, 7 Jun 1999 10:59:42 +0200 Received: by 3jane.drp.fmph.uniba.sk via sendmail from stdin id (Debian Smail3.2.0.102) for securedistros@nl.linux.org; Mon, 7 Jun 1999 11:06:01 +0200 (CEST) Date: Mon, 7 Jun 1999 11:06:01 +0200 From: Radovan Misovic To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <19990607110601.A29893@3jane.drp.fmph.uniba.sk> References: <199906070232.WAA04802@alcove.wittsend.com> <199906070318.UAA17640@geezer.earthlink.net> Mime-Version: 1.0 Content-Type: multipart/signed; boundary=X1bOJ3K7DJ5YkBrT; micalg=pgp-md5; protocol="application/pgp-signature" X-Mailer: Mutt 0.95.4i In-Reply-To: <199906070318.UAA17640@geezer.earthlink.net>; from Bay Ghandhi on Sun, Jun 06, 1999 at 08:18:19PM -0700 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org --X1bOJ3K7DJ5YkBrT Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable On Sun, Jun 06, 1999 at 08:18:19PM -0700, Bay Ghandhi wrote: [...] > DESCRIPTION > Blowfish is a fast unpatented block cipher designed by Bruce Schneie= r. > It basically consists of a 16 times iterated Feistel network. The b= lock > size is 64 bit and the key size is maximal 448 bit. >=20 > Problem with "strong crypto" is screwy US laws mean no exports of it from > the US, but I presume this distro is going to originate elsewhere? >=20 as far as I know, blowfish is a 'European-made' cipher, isn't it??? --=20 raTboy --> rad0 misovic --> misovic@st.fmph.uniba.sk +421-905-662334 Linux is like a wigwam; No Windows, no Gates and Apache inside ;-) --X1bOJ3K7DJ5YkBrT Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: K+xfkw6rSVSa/uCC+b5aedHpKd8kaWrv iQA+AwUBN1uLd1uzlp2T9TwfEQLeWQCXeCELpr0Kh4sCPbbnzKUM2ANPlwCg0pN5 ta/uKAIelBheoNLF9tKyvm4= =TSF2 -----END PGP SIGNATURE----- --X1bOJ3K7DJ5YkBrT-- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 11:16:31 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA05649 for securedistros-list; Mon, 7 Jun 1999 11:16:31 +0200 Received: from nsm.htp.org (nsm.htp.org [202.241.243.104]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id LAA05646 for ; Mon, 7 Jun 1999 11:16:22 +0200 From: sen_ml@eccosys.com Received: (qmail 11680 invoked from network); 7 Jun 1999 09:16:09 -0000 Received: from localhost (127.0.0.1) by localhost with SMTP; 7 Jun 1999 09:16:09 -0000 To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Your message of "Mon, 7 Jun 1999 11:06:01 +0200" <19990607110601.A29893@3jane.drp.fmph.uniba.sk> References: <19990607110601.A29893@3jane.drp.fmph.uniba.sk> X-Mailer: Mew version 1.93 on Emacs 20.3 / Mule 4.0 (HANANOEN) X-No-Archive: Yes Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <19990607181613S.sen_ml@eccosys.com> Date: Mon, 07 Jun 1999 18:16:13 +0900 X-Dispatcher: imput version 980905(IM100) Lines: 8 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org At around Mon, 7 Jun 1999 11:06:01 +0200, Radovan Misovic may have mentioned: > as far as I know, blowfish is a 'European-made' cipher, isn't it??? i believe it was creatd by bruce schneier, a u.s. citizen http://www.counterpane.com/ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 11:20:47 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA06730 for securedistros-list; Mon, 7 Jun 1999 11:20:47 +0200 Received: from do.nachtwacht.nl (pino.demon.nl [194.159.226.41]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA06695 for ; Mon, 7 Jun 1999 11:20:31 +0200 Received: from localhost (arjan@localhost) by do.nachtwacht.nl (8.8.7/8.8.7) with ESMTP id KAA00730 for ; Mon, 7 Jun 1999 10:49:38 +0200 Date: Mon, 7 Jun 1999 10:49:38 +0200 (CEST) From: Arjan Vos X-Sender: arjan@do.nachtwacht.nl To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <199906062259.PAA20148@geezer.earthlink.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Sun, 6 Jun 1999, Bay Ghandhi wrote: > I would like a daily security script that would check system configs for > changes, check file perms, s[ug]id programs, etc. I'm hacking together a > port of the OpenBSD over to RedHat.. I don't know if such things exist > already. Yes, something similar does exist. Marc Heuse made a script (based on the security script of OpenBSD) for SuSE. I think you can grab it from http://www.suse.de/~marc. Gr. Arjan ---- Eat hard Sleep hard Wear glasses if you need them - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 11:42:16 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA19834 for securedistros-list; Mon, 7 Jun 1999 11:42:16 +0200 Received: from localhost.localdomain (cta-1-as02-7-a33.gd.uol.com.br [200.224.78.97]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA19787 for ; Mon, 7 Jun 1999 11:42:00 +0200 Received: from linux.enter-net.com.br (localhost [127.0.0.1]) by localhost.localdomain (8.9.3/8.9.3) with ESMTP id GAA01079 for ; Fri, 7 May 1999 06:42:05 -0300 Message-ID: <3732B56B.EAADEE2C@linux.enter-net.com.br> Date: Fri, 07 May 1999 06:42:03 -0300 From: Renato Murilo Langona X-Mailer: Mozilla 4.51 [en] (X11; I; Linux 2.2.5-15 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hz, Options for automated configuration of chrooted non-root ftp/dns/misc servers would be nice... Best regards, -- +-<->-------------------------------------------------------------+ | Renato Murilo Langona | [BEAVISII/SuidBit]@irc | UIN: 16798646 | | <[Network System Administrator/Consultant]> | | http://www.redebrasil.org.br [RedeBR IRC Brazil] | | http://rwx.shellexpress.net [rwx network security] | | http://lasg.supernetcom.com.br [Linux Security Adm. Guide] | [+]-<->-----------------------------------------------------------[+] - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 12:38:50 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id MAA16684 for securedistros-list; Mon, 7 Jun 1999 12:38:50 +0200 Received: from localhost (riel@localhost) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id MAA16678 for ; Mon, 7 Jun 1999 12:38:43 +0200 Date: Mon, 7 Jun 1999 12:38:42 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: FAQ Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, now that the list is over 250 members strong, I guess it's time for something of an FAQ. Problem is I don't have time to write one, so I'm looking for volunteers. Anyone? :) Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 12:50:00 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id MAA21042 for securedistros-list; Mon, 7 Jun 1999 12:50:00 +0200 Received: from intsrv.shmuc.de (www.liegel.de [194.112.111.98]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id MAA21035 for ; Mon, 7 Jun 1999 12:49:51 +0200 Received: from shmuc.de (magix [194.221.130.113]) by intsrv.shmuc.de (8.8.8/8.8.8) with SMTP id MAA22802 for ; Mon, 7 Jun 1999 12:49:33 +0200 Message-Id: <199906071049.MAA22802@intsrv.shmuc.de> Date: Mon, 7 Jun 1999 12:48:43 +0200 From: "Dr. Thomas Hartl" To: securedistros@nl.linux.org Subject: Re: FAQ X-Mailer: AK-Mail 3.0b [ger] (registered) X-LiInfo: Domain License for Systemhaus München GmbH (10 Users) Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nl.linux.org id MAA21036 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > Hi, > now that the list is over 250 members strong, I guess > it's time for something of an FAQ. Problem is I don't > have time to write one, so I'm looking for volunteers. > Anyone? :) > Rik -- Open Source: you deserve to be in control of your data. > +-------------------------------------------------------------------+ > | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | > | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | > | Nederlandse Linux documentatie: http://www.nl.linux.org/ | > +-------------------------------------------------------------------+ > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ Maybe I can help a little, but FAQ for what ?? (Majordomo?...?) cu ------------------------------------------------------------------------------------------------------ Dr. Thomas Hartl [Thomas.Hartl@shmuc.de] Systemhaus München Fon: +49 89 54701321 Fax: +49 89 54701334 http://www.shmuc.de/ ------------------------------------------------------------------------------------------------------ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 12:56:27 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id MAA23224 for securedistros-list; Mon, 7 Jun 1999 12:56:27 +0200 Received: from localhost (riel@localhost) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id MAA23218 for ; Mon, 7 Jun 1999 12:56:18 +0200 Date: Mon, 7 Jun 1999 12:56:18 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: FAQ In-Reply-To: <199906071049.MAA22802@intsrv.shmuc.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Dr. Thomas Hartl wrote: > > now that the list is over 250 members strong, I guess > > it's time for something of an FAQ. Problem is I don't > > have time to write one, so I'm looking for volunteers. > > Maybe I can help a little, but FAQ for what ?? (Majordomo?...?) An FAQ for this list. It should probably list these things: - the different secure Linux projects (+URLs) and their goals - misc security links - general security information - FAQ's, once we get them on this list - pointers to other Linux/Unix security projects regards, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 12:59:21 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id MAA24292 for securedistros-list; Mon, 7 Jun 1999 12:59:21 +0200 Received: from mail.sec.pl (vahenora.sec.pl [212.244.220.194]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id MAA24177 for ; Mon, 7 Jun 1999 12:58:56 +0200 Received: (qmail 23650 invoked by uid 1001); 7 Jun 1999 11:36:48 -0000 Date: Mon, 7 Jun 1999 13:36:48 +0200 From: "Wojciech S. Czarnecki" To: securedistros@nl.linux.org Subject: Wishes and so on. Message-ID: <19990607133648.J9453@sec.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/0.96.2i fcc: sent-mail Organization: SECureNet PL, the NetSecurity & Privacy site. X-PGPkey: Avaliable on request X-keyFP: 1208 ABBE 9278 AFCC 7812 07A3 1D4F 8366 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Apparently this list is in desperate need for wise moderator. With plenty of time and infinite patience. Such... >> as far as I know, blowfish is a 'European-made' cipher, isn't it??? > i believe it was creatd by bruce schneier, a u.s. citizen dialogs will definitely push me (and as I think many others) to do 'unsubscribe' sooner than we thought of subscribing. BTW, seems that majordomo@nl.linux.org also need a maintainer: I got ack message for other guy. Regards, -- * Wojciech S. Czarnecki *********************** ohir@sec.pl * # Here were terryfying shadows of freedom sliping in people's # ## common mind with no passport, with no invitation, without ## ### even insincere feel of sorrow. The Darkness was in power. ### ---------------------------------------------------------------- &&& My 2.6 PGP key: http://www.sec.pl/staff/staff.html#key-ohir - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 13:07:13 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id NAA26832 for securedistros-list; Mon, 7 Jun 1999 13:07:13 +0200 Received: from 3jane.drp.fmph.uniba.sk (root@3jane.drp.fmph.uniba.sk [158.195.19.24]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id NAA26829 for ; Mon, 7 Jun 1999 13:07:05 +0200 Received: by 3jane.drp.fmph.uniba.sk via sendmail from stdin id (Debian Smail3.2.0.102) for securedistros@nl.linux.org; Mon, 7 Jun 1999 13:13:33 +0200 (CEST) Date: Mon, 7 Jun 1999 13:13:33 +0200 From: Radovan Misovic To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <19990607131333.A30740@3jane.drp.fmph.uniba.sk> References: <19990607110601.A29893@3jane.drp.fmph.uniba.sk> <19990607181613S.sen_ml@eccosys.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: <19990607181613S.sen_ml@eccosys.com>; from sen_ml@eccosys.com on Mon, Jun 07, 1999 at 06:16:13PM +0900 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, Jun 07, 1999 at 06:16:13PM +0900, sen_ml@eccosys.com wrote: > At around Mon, 7 Jun 1999 11:06:01 +0200, > Radovan Misovic may have mentioned: > > > as far as I know, blowfish is a 'European-made' cipher, isn't it??? > > i believe it was creatd by bruce schneier, a u.s. citizen > oooops... It was Idea... sorry ;-) -- raTboy --> rad0 misovic --> misovic@st.fmph.uniba.sk +421-905-662334 Linux is like a wigwam; No Windows, no Gates and Apache inside ;-) - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 13:09:26 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id NAA27430 for securedistros-list; Mon, 7 Jun 1999 13:09:26 +0200 Received: from fiend.securesys.com.au (fiend.securesys.com.au [203.38.213.195]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id NAA27283 for ; Mon, 7 Jun 1999 13:08:56 +0200 Received: (from john@localhost) by fiend.securesys.com.au (8.8.8/8.8.8) id EAA13354 for securedistros@nl.linux.org; Tue, 8 Jun 1999 04:37:01 +0930 (CST) From: John Message-Id: <199906071907.EAA13354@fiend.securesys.com.au> Subject: Re: wish list To: securedistros@nl.linux.org Date: Tue, 8 Jun 1999 04:37:01 +0930 (CST) In-Reply-To: <199906070416.JAA06705@bhairavi.newdelhi.sgi.com> from "Raj Mathur" at Jun 7, 99 09:46:30 am X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > Mail: Hmm, this is an interesting one. Enough people use enough I believe there's a standard around the place for SSL'ed SMTP. It'd be nice to see an implementation of that, for completeness sake.... (And that's a "yes" to the question "Well, am I willing to create something should anyone point me in the direction of the standard"). John - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 13:13:52 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id NAA31792 for securedistros-list; Mon, 7 Jun 1999 13:13:52 +0200 Received: from localhost (riel@localhost) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id NAA31735 for ; Mon, 7 Jun 1999 13:13:43 +0200 Date: Mon, 7 Jun 1999 13:13:43 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: Wishes and so on. In-Reply-To: <19990607133648.J9453@sec.pl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Wojciech S. Czarnecki wrote: > Apparently this list is in desperate need for wise moderator. > With plenty of time and infinite patience. :) > BTW, seems that majordomo@nl.linux.org also need a maintainer: > I got ack message for other guy. That guy tried to subscribe the list to itself, so the list got a confirmation request... The list was so widely published that all kinds of strange folk have subscribed just about every kind of adress to the list (majordomo, owner-majordomo, owner-list, etc...). I guess it'll go away :) cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 13:21:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id NAA16611 for securedistros-list; Mon, 7 Jun 1999 13:21:45 +0200 Received: from spice.org.il (tauser106.tevel.co.il [207.232.22.106]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id NAA16452 for ; Mon, 7 Jun 1999 13:21:35 +0200 Received: (from guy@localhost) by spice.org.il (8.9.0/8.9.2) id OAA01824 for securedistros@nl.linux.org; Mon, 7 Jun 1999 14:15:40 +0300 Date: Mon, 7 Jun 1999 14:15:39 +0300 From: Guy Cohen To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <19990607141539.A1480@spice.org.il> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Sebastian Fallert on Mon, Jun 07, 1999 at 10:07:32AM +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org At this (Mon, Jun 07, 1999 at 10:07:32AM +0200) day, Sebastian Fallert wrote: .| .| - An install tool which offers the installation of sophisticated package .| schemes that go along with certain config options (like starting daemons, .| ipchains config etc.). What I have in mind is a menu which offers you a .| selection in a range from 'Open to the world' to 'Completely locked up'. I .| believe Redhat does have something like this but I've never seen a really .| handy and easy to overlook approach to this. I would like to see in such install tool the ability to implement one of the cryptographic file systems. -- Guy Cohen - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 13:43:11 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id NAA29113 for securedistros-list; Mon, 7 Jun 1999 13:43:11 +0200 Received: from fep02-svc.tin.it (mta02-acc.tin.it [212.216.176.33]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id NAA29010 for ; Mon, 7 Jun 1999 13:43:03 +0200 Received: from a-er1-6.tin.it ([212.216.56.37]) by fep02-svc.tin.it (InterMail v4.0 201-221-105) with ESMTP id <19990607114252.QGKJ24563.fep02-svc@a-er1-6.tin.it> for ; Mon, 7 Jun 1999 13:42:52 +0200 Date: Mon, 7 Jun 1999 13:38:29 +0200 (CEST) From: Emanuele X-Sender: root@r00t.DisLESSici.ORG To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <009701beb073$5699cc00$0400010a@mustang.guarded.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org hi at all!, Some interesting feature that i think are important: - Compile distro with stackguard - Use tripwire by default - Install tcp|udp|icmp log - Script to configure tcpd/wrapper during the installation - Nmap, nessus and other audit tool - Ssh (of course :-) - SSLftp, SSLeay - Nidsbench (an intrusion detection tool) - Smail or qmail - Route kernel patch? (there are for kernel v2.2?) - Tool/script to help for ipchains configure - Tcpdump/sniffit - Passwd cracker (jripper is good) Byebye, Emanuele -- Hi Echelon! none of your business ntfLANder@ircnet -- ntf@disLESSici.org Punk is not sad -- www.disLESSici.org/ntf - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 13:43:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id NAA29326 for securedistros-list; Mon, 7 Jun 1999 13:43:45 +0200 Received: from obelix.hrz.tu-chemnitz.de (obelix.hrz.tu-chemnitz.de [134.109.132.55]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id NAA29234 for ; Mon, 7 Jun 1999 13:43:29 +0200 Received: from sunnyboy.informatik.tu-chemnitz.de by obelix.hrz.tu-chemnitz.de with Local SMTP (PP); Mon, 7 Jun 1999 13:43:00 +0200 Received: from jack (jack.informatik.tu-chemnitz.de [134.109.192.81]) by sunnyboy.informatik.tu-chemnitz.de (8.8.8/8.8.8) with ESMTP id NAA15548 for ; Mon, 7 Jun 1999 13:42:58 +0200 (MET DST) Date: Mon, 7 Jun 1999 13:43:09 +0200 (CEST) From: Carsten Dinkelmann To: securedistros@nl.linux.org Subject: Re: Wishes and so on. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi .. On Mon, 7 Jun 1999, Rik van Riel wrote: > > BTW, seems that majordomo@nl.linux.org also need a maintainer: > > I got ack message for other guy. > > That guy tried to subscribe the list to itself, so > the list got a confirmation request... > I think, that I make this mistake ... sorry I send the the auth-string to the address, which receives the subscribes :-) mmh, nice result ... > The list was so widely published that all kinds of > strange folk have subscribed just about every kind > of adress to the list (majordomo, owner-majordomo, > owner-list, etc...). I guess it'll go away :) > thank you tschau din ============================================================================== Carsten Dinkelmann, Diplominformatiker (FH), member of zLUG e.V. e-mail: din@zlug.org home : http://www.tu-chemnitz.de/~din and http://www.zlug.org ============================================================================== - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 14:27:23 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id OAA16612 for securedistros-list; Mon, 7 Jun 1999 14:27:23 +0200 Received: from jhcloos.com (IDENT:root@austin.jhcloos.com [206.224.83.202]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id OAA16411 for ; Mon, 7 Jun 1999 14:27:12 +0200 Received: (from cloos@localhost) by jhcloos.com (8.8.7/8.8.7) id HAA23746; Mon, 7 Jun 1999 07:27:08 -0500 To: securedistros@nl.linux.org Subject: Re: wish list References: <199906071907.EAA13354@fiend.securesys.com.au> From: "James H. Cloos Jr." In-Reply-To: John's message of "Tue, 8 Jun 1999 04:37:01 +0930 (CST)" Date: 07 Jun 1999 07:27:07 -0500 Message-ID: Lines: 37 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "John" == John writes: John> I believe there's a standard around the place for SSL'ed SMTP. Yes. That would be rfc2487. The canonical location is: . The basic idea is to start a session as normal and then issue the STARTTLS command (STARTTLS is mentioned in the EHLO reply of any server that supports it). At that point the TLS info is negotiated and the rest of the connection is secured. In typical usage, the server's initial announcement, the EHLO and its reply and the STARTTLS and its reply (and the TLS negotiation, of course) will be plaintext; everything else encrypted. Note that one of the big advantages of this is that it allows the server the auth and authz clients for such things as relaying. Also note that any server advertized via an MX record MUST NOT require TLS. - -JimC - -- James H. Cloos, Jr. 1024D/ED7DAEA6 E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 ED7D AEA6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.7 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE3W7qXmXqfF+19rqYRAgi5AKC34Q4yG0HZI0o91WAP0oe3QTgRbQCfc6/b AdMI4oJPyMSXDFuiTq+Wz5o= =WdHf -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 15:04:48 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA23706 for securedistros-list; Mon, 7 Jun 1999 15:04:48 +0200 Received: from kryten.ipax.com.au (IDENT:root@kryten.ipax.com.au [203.29.72.3]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id PAA23306 for ; Mon, 7 Jun 1999 15:04:30 +0200 Received: from central.charon.net.au (kendall@central.charon.net.au [203.55.169.1]) by kryten.ipax.com.au (8.8.7/8.8.7) with ESMTP id XAA23419 for ; Mon, 7 Jun 1999 23:04:04 +1000 Received: from localhost (kendall@localhost) by central.charon.net.au (8.9.3/8.9.3) with ESMTP id XAA04339 for ; Mon, 7 Jun 1999 23:04:16 +1000 Date: Mon, 7 Jun 1999 23:04:16 +1000 (EST) From: Kendall Lister To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Rik van Riel wrote: > Not really. At least one of the distributions is hosted in the > Netherlands, besides, it's not forbidden to export strong crypto in > source form... Actually, it is, from the US at least. What is not forbidden is the exporting of books containing source code in printed form, hence the PGP non-US scanning project. -- Kendall Lister, Systems Operator for Charon I.S. - kendall@charon.net.au Charon Information Services - Friendly, Cheap Melbourne ISP: 9589 7781 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 15:25:44 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA11113 for securedistros-list; Mon, 7 Jun 1999 15:25:44 +0200 Received: from sgi.com (sgi.SGI.COM [192.48.153.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id PAA11000 for ; Mon, 7 Jun 1999 15:25:34 +0200 Received: from nodin.corp.sgi.com ([192.26.51.193]) by sgi.com (980327.SGI.8.8.8-aspam/980304.SGI-aspam: SGI does not authorize the use of its proprietary systems or networks for unsolicited or bulk email from the Internet.) via ESMTP id GAA03091 for <@external-mail-relay.sgi.com:securedistros@nl.linux.org>; Mon, 7 Jun 1999 06:25:30 -0700 (PDT) mail_from (raju@bhairavi.newdelhi.sgi.com) Received: from sgindia.newdelhi.sgi.com (newdelhi.sgi.com [134.14.90.2]) by nodin.corp.sgi.com (980427.SGI.8.8.8/980728.SGI.AUTOCF) via ESMTP id GAA21028 for <@relay.sgi.com:securedistros@nl.linux.org>; Mon, 7 Jun 1999 06:25:26 -0700 (PDT) Received: from bhairavi.newdelhi.sgi.com (bhairavi.newdelhi.sgi.com [134.14.90.52]) by sgindia.newdelhi.sgi.com (980427.SGI.8.8.8/970903.SGI.AUTOCF) via ESMTP id SAA76947 for ; Mon, 7 Jun 1999 18:54:09 +0530 (IST) Received: (from raju@localhost) by bhairavi.newdelhi.sgi.com (8.9.3/8.9.3) id SAA09933; Mon, 7 Jun 1999 18:41:50 +0530 (IST) Date: Mon, 7 Jun 1999 18:41:50 +0530 (IST) Message-Id: <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> From: Raj Mathur To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: References: <199906071907.EAA13354@fiend.securesys.com.au> X-Mailer: VM 6.31 under 20.2 XEmacs Lucid Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Uhm, sorry about the default VM message munging... Anyhow, I feel that it's more important to have user-level mail encryption rather than system- or connection-level encryption. Not that the latter is not important! However, the arguments are: 1. System- and connection-level encryption is a massive load on the CPU. If all (or most) of your SMTP connections are encrypted, which is presumably what we're aiming for, then your CPU will be doing nothing except handling 20 open SMTP connections at any given time. 2. The remote system has to support encrypted SMTP, and I don't know of too many servers around today which do. I'm willing to be disabused of this notion in case it isn't true. 3. Privacy issues still remain with encrypted connections, since finally the message reposes in a non-encrypted form on the target machines hard disk. 4. I haven't read the RFC (OK, you can flame me for that!), but presumably there's some way of switching between encrypted and unencrypted sessions between two servers which talk SSL SMTP. In case there isn't, it's a waste of resources to send letters to your Mom encrypted (unless your Dad's name happens to be Kevin M ;-) Keeping this in mind, I'd rather focus on user-level security, i.e. PGP, GnuPG or an equivalent. There the user has the choice of whether to encrypt the message or not, and privacy is much much higher. In other words, encrypt the payload and let the connection take care of itself. Just my 2 paise worth. Regards, -- Raju >>>>> "James" == James H Cloos writes: James> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "John" == John writes: John> I believe there's a standard around the place for SSL'ed John> SMTP. James> Yes. That would be rfc2487. The canonical location is: James> . James> The basic idea is to start a session as normal and then James> issue the STARTTLS command (STARTTLS is mentioned in the James> EHLO reply of any server that supports it). At that point James> the TLS info is negotiated and the rest of the connection James> is secured. James> In typical usage, the server's initial announcement, the James> EHLO and its reply and the STARTTLS and its reply (and the James> TLS negotiation, of course) will be plaintext; everything James> else encrypted. James> Note that one of the big advantages of this is that it James> allows the server the auth and authz clients for such James> things as relaying. Also note that any server advertized James> via an MX record MUST NOT require TLS. James> - -JimC - -- James H. Cloos, Jr. James> 1024D/ED7DAEA6 James> E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 James> ED7D AEA6 James> -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.7 James> (GNU/Linux) Comment: For info see http://www.gnupg.org James> iD8DBQE3W7qXmXqfF+19rqYRAgi5AKC34Q4yG0HZI0o91WAP0oe3QTgRbQCfc6/b James> AdMI4oJPyMSXDFuiTq+Wz5o= =WdHf -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 15:54:16 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA11002 for securedistros-list; Mon, 7 Jun 1999 15:54:16 +0200 Received: from brandenburg-gmbh.de (mail.brandenburg-gmbh.de [62.104.235.70]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id PAA10898 for ; Mon, 7 Jun 1999 15:53:52 +0200 Received: (qmail 29958 invoked by uid 204); 7 Jun 1999 15:53:47 +0200 Date: 7 Jun 1999 15:53:47 +0200 Message-ID: <19990607135347.29957.qmail@brandenburg-gmbh.de> From: Dirk Alboth To: securedistros@nl.linux.org Subject: What way? Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org To me it is still unclear where the discussions in securedistros are meant to go. Quoting Rik's announcment | The main things we'll discuss on the list will be things | like bug fixes, code fixups and generic security ideas that | are usable in all secure Linux distributions. I would expect to find here a discussion about the (set theoretic) intersection of what would be contained in every security related Linux distribution: Which kernel(s), which additional software (like inetd vs. xinetd, tcpwrappers, syslog vs. cyclog, locate vs. slocate, etc. etc.). Things which every (or at least nearly every) such distribution really can't live without. One could discuss whether tripwire is a part of this. But IMHO MTAs, sniffers, IDS and the like are not of this kind, I think. E.g. I am not certain ;-) whether a sniffer should be part to a secure desktop system (-> Bastille project) I think it would also help those on the different specialized projects to concentrate (the discussions in their mailing lists) on the specific parts of their target systems. The results of the discussions here could form a common starting point. Basically, another approach would be possible, namely discussing a superset of all secure distributions. So every specific distribution project would only determine which parts they need. But then it would be easier to let everyone subscribe to all those lists... So my plea would go for the minimalistic approach: let's identify the software a secure system cannot really live without. We could start off by identifying more or less representative systems for the different special distribution targets. This could e.g. be a DMZ-located server (like a web server), an internal (ie. being part of a trusted network) file server and an internal desktop system. (I intentionally leave out a firewall system, because it is far too specialized towards the individual needs.) It is my understanding that this group of target systems includes both the Bastille and the Secure Linux projects. Next we could go on identifying the software and setups that are common to these three systems. Finally we should discuss individual alternatives of software and collect what is known from e.g. auditing projects. It is also important to keep this information current so maybe it would be necessary (at a later stage) to find maintainers for individual software, setups etc. Dirk - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 16:17:19 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA22703 for securedistros-list; Mon, 7 Jun 1999 16:17:19 +0200 Received: from mx.nkm.lt (qmailr@nkm.tdd.lt [193.219.211.9]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id QAA22621 for ; Mon, 7 Jun 1999 16:17:04 +0200 Received: (qmail 24652 invoked from network); 7 Jun 1999 14:17:00 -0000 Received: from nkm.tdd.lt (HELO mx.nkm.lt) (midom@193.219.211.9) by nkm.tdd.lt with SMTP; 7 Jun 1999 14:16:59 -0000 Date: Mon, 7 Jun 1999 16:16:59 +0200 (CEST) From: Domas Mituzas X-Sender: midom@mx.nkm.lt To: securedistros@nl.linux.org Subject: secure distro with new capabilities Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hello to all, I am now playing when I have more free time with Linux as a trusted OS. And I started rather before a long time - by using securebits and similar stuff. What I reached - a db server, that has files immutable and append only, that has /proc mounted readonly and restricted. Also it is impossible to put network devices in promiscous mode etc. That was made with securelevel (my collegue wrote application, that changes securebits without special syscall or pid #1 - by rewriting kcore). And now we get kernel 2.2, that has ELF "capabilities" and securebits. So, there is no need to be a root in order to chroot, change other users files etc. So, it is possible to make Linux a HP VirtualVault like operating system. I was able to put my system into "no-root" mode and it was rather successful - server applications were still working, but still I missed documentation and support from gurus about capabilities. Here comes a question: do these secure linux distros use these new thingies? I think, that giving ping "raw network device" capability and inserting seteuid(getuid... call would make it more secure, than keeping it running as root - the same with other programs. So it is possible to make linux with e.g. 10 operators (network, users, system etc) instead of one root or toor :-) I made this vision of secure system as I didn't knew about bastille and kha0s projects. I hope to see these ideas realised in any linux distribution - so I'll be sure it's _safe_. I would like to participate in secure linux projects. I'm still rather new in C, but I'm young enough to learn it - I'm 17teen, but I administer unix and linux servers for already 3 years. With respect, Domas Mituzas sybase lithuania network systems expert - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 16:28:24 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA15239 for securedistros-list; Mon, 7 Jun 1999 16:28:24 +0200 Received: from hipmail13.gohip.com (hipmail13.gohip.com [208.232.5.154]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA15149 for ; Mon, 7 Jun 1999 16:28:15 +0200 Received: by hipmail13.gohip.com (8.9.3/8.9.3) with hipmail1.gohip.com id HAA16948; Mon, 7 Jun 1999 07:20:19 -0700 Date: Mon, 7 Jun 1999 07:20:19 -0700 Message-Id: <199906071420.HAA16948@hipmail13.gohip.com> Content-Type: text/plain Content-Disposition: inline X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 From: "scooby sir" To: securedistros@nl.linux.org Subject: wish list Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Well, If i were to contribute suggestions for a secure distro of linux, it would be this: i) Ship it with the international linux patch installed www.kerneli.org ii) Install the non-executable stack patch iii) ssh and tripwire are a must The problem is that to have a truly secure machine(linux or non linux) you must watch lists like bugtraq, and install patches as soon as vulnerabilities are discovered. You can develop an extreemly secure machine, but 6 months later if no updates were applied the machine it could be wide open. The fact is you cant make sys admins update their machines. Matt Olevano ------------------------------------------------------------ HEY TUPAC FANS! GET YOUR FREE PRIVATE E-MAIL ACCOUNT AT http://www.TUPAC.com - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 16:48:38 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA02328 for securedistros-list; Mon, 7 Jun 1999 16:48:38 +0200 Received: from hipmail15.gohip.com (hipmail15.gohip.com [208.232.5.156]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA02235 for ; Mon, 7 Jun 1999 16:48:30 +0200 Received: by hipmail15.gohip.com (8.9.3/8.8.7) with hipmail1.gohip.com id HAA20153; Mon, 7 Jun 1999 07:40:54 -0700 Date: Mon, 7 Jun 1999 07:40:54 -0700 Message-Id: <199906071440.HAA20153@hipmail15.gohip.com> Content-Type: text/plain Content-Disposition: inline X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 From: "scooby sir" To: securedistros@nl.linux.org Subject: Re: FAQ Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I am more than willing to develop a FAQ for this securedisto list. I cant work on it now(im at work)but i'll start tonight. If anyone wants to help feel free to send me private email. I could use some help with crypto stuff, thats my weakpoint. Matt Olevano ------------------------------------------------------------ HEY TUPAC FANS! GET YOUR FREE PRIVATE E-MAIL ACCOUNT AT http://www.TUPAC.com - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 16:57:44 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA22085 for securedistros-list; Mon, 7 Jun 1999 16:57:44 +0200 Received: from fornax.elf.stuba.sk (www@fornax.elf.stuba.sk [147.175.111.112]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA22012 for ; Mon, 7 Jun 1999 16:57:32 +0200 Received: from localhost (www@localhost) by fornax.elf.stuba.sk (8.8.7/8.8.7) with ESMTP id QAA04974 for ; Mon, 7 Jun 1999 16:55:54 +0200 Date: Mon, 7 Jun 1999 16:55:54 +0200 (MEST) From: Milan Pikula - WWW To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <199906071420.HAA16948@hipmail13.gohip.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, scooby sir wrote: W>Well, W> If i were to contribute suggestions for a secure distro of linux, W>it would be this: W> i) Ship it with the international linux patch installed W> www.kerneli.org W> ii) Install the non-executable stack patch this is not a real solution.. this is a joke. there are many ways, how to override this protection and this makes me to label it as 'security by obscurity'. W> iii) ssh and tripwire are a must W>The problem is that to have a truly secure machine(linux or non linux) W>you must watch lists like bugtraq, and install patches as soon as W>vulnerabilities are discovered. You can develop an extreemly secure W>machine, but 6 months later if no updates were applied the machine it W>could be wide open. The fact is you cant make sys admins update their W>machines. W> W> Matt Olevano This is not always true. We made some Linux kernel changes named Medusa (http://fornax.elf.stuba.sk/medusa), which are designed to improve security of Linux without any knowledge about broken programs and new ways how to get priviledged access. It consist of some kernel changes (as low number of them as possible) and user-space daemon, which answers some questions of kernel (of course, communication have been heavily optimised and we can proudly say it doesn't waste the cpu so much). every process and every file have bitmap of 'virtual subsystems' where they belong. If process haven't write permission to some file, it will get -EPERM even when running as 'root'. medusa supports linux capabilities of course and can trace (and disable) any system call, all kinds of access to a filesystem, interprocess comunication (signals, ...) and can perform some actions on processes, which are 'untrusted'. configuration file of user-space daemon is a simple programming language, based on C syntax, which is pre-compiled when the daemon is started. it can perform any securing policy you want - nicest example we made is a configuration file, which does this: when the application runs locally, it have normal unix permissions. when it tries to open the inet socket, it is marked as 'restricted'. restricted applications can see only part of filesystem, other restricted processes and have write access to a few, really FEW files in system (/dev/tty for example). they have limited 'capabilities' and cannot reboot system, change runlevel or kill the security daemon. if you run '/bin/pshacker', which is a copy of normal 'ps', then if you are local user, you will see all processes (local and "network"). if you are remote user, it will run '/usr/games/trek' instead. 'local' and 'remote' doesn't mean anything more than the fact, that application was created from the process, which had something to do with inet sockets sometime. so it doesn't depend on fact that he used some known or unknown exploit or if it was connection out or in. there are many other securing policies usable too. for example, we can run sendmail in it's private virtual subsystem, being able only to READ it's configuration and with READ/WRITE access ONLY to a selected set of directories or files. noone will be able to create new account, shutdown system, insert module or re-format partition using the security hole in sendmail. the worsest thing he can do is to wipe mailboxes of the users. there are two known bugs of this system: the first is somewhere in locking and will be fixed within a few days. the second is an absence of english documentation, which will be fixed in the future - when i'll find someone who speaks english better than me. this is also the reason, why Medusa wasn't announced in linux-kernel newsgroup. bye, Milan Pikula -- Milan Pikula, WWW. Finger me for Geek Code. http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk .. dajte mi pewnu linku a pohnem zemegulow .. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 17:03:38 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA28715 for securedistros-list; Mon, 7 Jun 1999 17:03:38 +0200 Received: from soil08.soil.nl (wichert@soil08.soil.nl [132.229.135.68]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA28651 for ; Mon, 7 Jun 1999 17:03:29 +0200 Received: (from wichert@localhost) by soil08.soil.nl (8.9.3/8.9.3/Debian/GNU) id RAA29031 for securedistros@nl.linux.org; Mon, 7 Jun 1999 17:03:26 +0200 Date: Mon, 7 Jun 1999 17:03:26 +0200 From: Wichert Akkerman To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <19990607170326.B28983@soil.nl> References: <199906071420.HAA16948@hipmail13.gohip.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="NDin8bjvE/0mNLFQ"; micalg=pgp-md5; protocol="application/pgp-signature" X-Mailer: Mutt 0.95.4i In-Reply-To: <199906071420.HAA16948@hipmail13.gohip.com>; from scooby sir on Mon, Jun 07, 1999 at 07:20:19AM -0700 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org --NDin8bjvE/0mNLFQ Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Previously scooby sir wrote: > iii) ssh and tripwire are a must Both are non-free though (using either the DFSG or the OSD). For ssh a replacement is in development (lsh, developers needed for tty and networking code). As far as I know there is no free tripwire, and the current tripwire is no longer supported as well since they now have a commercial version. > The problem is that to have a truly secure machine(linux or non linux) you > must watch lists like bugtraq, and install patches as soon as vulnerabili= ties > are discovered. You can develop an extreemly secure machine, but 6 months > later if no updates were applied the machine it could be wide open. The = fact > is you cant make sys admins update their machines. =20 You can automate the procedure though using a tool such as apt-get. Wichert. --NDin8bjvE/0mNLFQ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQB1AwUBN1vfPqjZR/ntlUftAQGRcAL/XLY1NguYq863hRrA957IM0uilJfDsmqB ls8NaaksKKpYOhLQIBYqtvpD5zUvJv3rwy556qNjolp6kx42Cejww8noAU3B7Pa4 8oU8kJT3ZtCt3hSrhLoAD/bNiojHo/87 =KdTE -----END PGP SIGNATURE----- --NDin8bjvE/0mNLFQ-- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 17:13:44 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA12133 for securedistros-list; Mon, 7 Jun 1999 17:13:44 +0200 Received: from darius.concentric.net (darius.concentric.net [207.155.198.79]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA11924 for ; Mon, 7 Jun 1999 17:13:18 +0200 Received: from mcfeely.concentric.net (mcfeely [207.155.198.83]) by darius.concentric.net (8.9.1a/(98/12/15 5.12)) id LAA12415; Mon, 7 Jun 1999 11:13:12 -0400 (EDT) [1-800-745-2747 The Concentric Network] Received: from silverj (ipix1.dsl.concentric.net [209.220.33.8]) by mcfeely.concentric.net (8.9.1a) id LAA12559; Mon, 7 Jun 1999 11:13:13 -0400 (EDT) Message-Id: <199906071513.LAA12559@mcfeely.concentric.net> From: "Jeremy Silver" To: Date: Mon, 7 Jun 1999 08:11:58 -0700 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal Sensitivity: Private X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org $ echo subscribe securedistros | mail majordomo@nl.linux.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 17:16:57 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA12793 for securedistros-list; Mon, 7 Jun 1999 17:15:57 +0200 Received: from purgatory.fdf.net (qmailr@purgatory.fdf.net [63.64.249.53]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id RAA12640 for ; Mon, 7 Jun 1999 17:15:15 +0200 Received: (qmail 14430 invoked from network); 7 Jun 1999 15:15:10 -0000 Received: from alcatraz.fdf.net (HELO alcatraz) (63.64.249.51) by purgatory.fdf.net with SMTP; 7 Jun 1999 15:15:10 -0000 Message-Id: <4.2.0.56.19990607101313.00952b00@purgatory.fdf.net> X-Sender: jailbird@purgatory.fdf.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.56 (Beta) Date: Mon, 07 Jun 1999 10:14:52 -0500 To: securedistros@nl.linux.org From: Dustin Marquess Subject: Re: wish list In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org At 03:07 AM 6/7/99 , you wrote: >Hi, > >even if I might be rephrasing other people's 2cents by the following I >think it's important. > >I would appreciate the following in a secure distro: > >- An install tool which offers the installation of sophisticated package >schemes that go along with certain config options (like starting daemons, >ipchains config etc.). What I have in mind is a menu which offers you a >selection in a range from 'Open to the world' to 'Completely locked up'. I >believe Redhat does have something like this but I've never seen a really >handy and easy to overlook approach to this. I personally believe that a secure Linux distribution will disable any service that is non-crucial to the box, and then let the admin turn things on, either manually or via some script. I think the option of "turning everything on" during install would take advantage of lazy admins who will turn all of it on by default. I figure if they NEED it on, they'll take the time to turn it on. -Dustin - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 17:21:50 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA17876 for securedistros-list; Mon, 7 Jun 1999 17:21:50 +0200 Received: from purgatory.fdf.net (qmailr@purgatory.fdf.net [63.64.249.53]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id RAA17726 for ; Mon, 7 Jun 1999 17:21:39 +0200 Received: (qmail 14554 invoked from network); 7 Jun 1999 15:21:34 -0000 Received: from alcatraz.fdf.net (HELO alcatraz) (63.64.249.51) by purgatory.fdf.net with SMTP; 7 Jun 1999 15:21:34 -0000 Message-Id: <4.2.0.56.19990607101523.009609a0@purgatory.fdf.net> X-Sender: jailbird@purgatory.fdf.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.56 (Beta) Date: Mon, 07 Jun 1999 10:21:27 -0500 To: securedistros@nl.linux.org From: Dustin Marquess Subject: Re: wish list In-Reply-To: References: <009701beb073$5699cc00$0400010a@mustang.guarded.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org At 06:38 AM 6/7/99 , you wrote: >hi at all!, > Some interesting feature that i think are important: > > >- Compile distro with stackguard I'm kind of iffy about this one. I'm part of the Utopian Linux Distribution, which was designed to be secure and fast out of the box (of course this "design" was about 2 years ago and it hasn't shipped yet...). StackGuard seems to provide a cover-up, at the cost of speed. This speed is unnoticable in small programs, but when you get into large MySQL databases and such, it probably will be. I am also a firm believer that the actually code should be fixed. Fix the code and send a patch to the maintainer. This way everybody reaps the benefits of having a secure program, and we don't have to deal with StackGuard. Now of course this doesn't help if a new bug is found. I have been toying with the idea of using StackGuard on anything that is going to be suid root, just as an added layer of paranoia. I've also been working on a bash script to detect stupid coding mistakes such as insecure strcpy()'s and such, and allow the user to let the script automatically fix them. Of course the script doesn't have enough intelligence to correctly fix things all the time. If anybody has any ideas on how to make this better, I'd appeciate feedback. -Dustin - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 17:24:40 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA18622 for securedistros-list; Mon, 7 Jun 1999 17:24:29 +0200 Received: from txdirect.net (home.opensec.net [209.142.68.10]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA18452 for ; Mon, 7 Jun 1999 17:23:45 +0200 Received: from localhost by txdirect.net with smtp id m10rN3b-0004hoC (Debian Smail-3.2.0.92 1997-Feb-9 #2); Tue, 8 Jun 1999 09:40:51 -0500 (CDT) Date: Tue, 8 Jun 1999 09:40:51 -0500 (CDT) From: Matthew Franz X-Sender: mdfranz@bubba To: securedistros@nl.linux.org Subject: Secured vs. Security Distros and Wish Lists In-Reply-To: <375B430A.40A9811@cse.ogi.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org While we're talking about which tools should be included in a "secure" Linux distribution, I think we need to make the distinction between between Security-Oriented distributions (such as Trinux) and what I believe the purpose of this list--to created a secure (or better yet, hardened) version of Linux. A hardened version of Linux would not (or should not) contain sniffers, port scanners, password crackers, etc. while a security distribution would. -mdf ________________________________________________________________________ Matthew D. Franz mdfranz@txdirect.net http://www.trinux.org Trinux: A Linux Security Toolkit http://www.opensec.net OpenSEC: Open Security Solutions http://www.tds.com Trident Data Systems - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 17:45:52 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA01205 for securedistros-list; Mon, 7 Jun 1999 17:45:52 +0200 Received: from neon.transmeta.com (neon-best.transmeta.com [206.184.214.10]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA01040 for ; Mon, 7 Jun 1999 17:45:33 +0200 Received: from deepthought.transmeta.com (mailhost.transmeta.com [10.1.1.15]) by neon.transmeta.com (8.9.1/8.9.1) with ESMTP id IAA03657 for ; Mon, 7 Jun 1999 08:45:15 -0700 Received: from transmeta.com (morgan@blighty.transmeta.com [10.1.27.37]) by deepthought.transmeta.com (8.8.8+spamcan/8.8.5) with ESMTP id IAA28405 for ; Mon, 7 Jun 1999 08:45:15 -0700 (PDT) Message-ID: <375BE90A.C2E36527@transmeta.com> Date: Mon, 07 Jun 1999 08:45:14 -0700 From: Andrew Morgan Organization: Transmeta Corporation X-Mailer: Mozilla 4.05 [en] (X11; U; Linux 2.2.5 i686) MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: secure distro with new capabilities References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Domas Mituzas wrote: > > Hello to all, > > I am now playing when I have more free time with Linux as a trusted OS. > And I started rather before a long time - by using securebits and similar > stuff. What I reached - a db server, that has files immutable and append > only, that has /proc mounted readonly and restricted. Also it is > impossible to put network devices in promiscous mode etc. That was made > with securelevel (my collegue wrote application, that changes securebits > without special syscall or pid #1 - by rewriting kcore). And now we get > kernel 2.2, that has ELF "capabilities" and securebits. So, there is no I do not believe that 'ELF' capabilities have been absorbed into Linux 2.2. If you want to know how the (defunct) POSIX committee envisioned their 'capabilities' being set and masked, you might like to look at the product of the linux-privs project - which is where the capability support in the kernel originated from: ftp://linux.kernel.org/pub/linux/libs/security/linux-privs/ The kernel-2.2 directory contains the libcap library that exports the 'process only' fraction of the (defunct) POSIX capability interface. The kernel-2.3 directory contains some patches to add VFS support for file capabilities, which are intended to complete the implementation. The libraries contain full documentation, in the form of man pages. Cheers Andrew - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 18:10:00 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA18381 for securedistros-list; Mon, 7 Jun 1999 18:10:00 +0200 Received: from localhost.localdomain (cta-1-as01-7-a05.gd.uol.com.br [200.224.78.5]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id SAA18011 for ; Mon, 7 Jun 1999 18:09:47 +0200 Received: from linux.enter-net.com.br (localhost [127.0.0.1]) by localhost.localdomain (8.9.3/8.9.3) with ESMTP id NAA00612 for ; Fri, 7 May 1999 13:09:54 -0300 Message-ID: <37331051.F215DCE4@linux.enter-net.com.br> Date: Fri, 07 May 1999 13:09:53 -0300 From: Renato Murilo Langona X-Mailer: Mozilla 4.51 [en] (X11; I; Linux 2.2.5-15 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list References: <199906071420.HAA16948@hipmail13.gohip.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hz, scooby sir wrote: > > The problem is that to have a truly secure machine(linux or non linux) you must > watch lists like bugtraq, and install patches as soon as vulnerabilities are > discovered. You can develop an extreemly secure machine, but 6 months later if > no updates were applied the machine it could be wide open. The fact is you cant > > make sys admins update their machines. > > Matt Olevano > So I supose a secure distribution MUST have stronger documentation regarding these topics (watch lists, frequently updates, self critic using free audit tools...) for the admins (aka general users) ... Best regards, -- [+]-<->-----------------------------------------------------------[+] | Renato Murilo Langona | [BEAVISII/SuidBit]@irc | UIN: 16798646 | | <[Network System Administrator/Consultant]> | | http://www.redebrasil.org.br [RedeBR IRC Brazil] | | http://rwx.shellexpress.net [rwx network security] | | http://lasg.supernetcom.com.br [Linux Security Adm. Guide] | [+]-<->-----------------------------------------------------------[+] - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 18:13:06 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA22311 for securedistros-list; Mon, 7 Jun 1999 18:13:06 +0200 Received: from mail.roava.net (IDENT:root@[209.54.158.4]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id SAA22150 for ; Mon, 7 Jun 1999 18:12:53 +0200 Received: from eris.kha0s.org (usr30.roava.net [209.54.158.130]) by mail.roava.net (8.9.1/8.9.1) with ESMTP id MAA26310 for ; Mon, 7 Jun 1999 12:12:44 -0400 Received: by eris.kha0s.org via sendmail from stdin id (Debian Smail3.2.0.101) for securedistros@nl.linux.org; Mon, 7 Jun 1999 04:06:13 -0700 (PDT) Date: Mon, 7 Jun 1999 04:06:13 -0700 From: Scott Fallin To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <19990607040613.A1918@kha0s.org> References: <375B430A.40A9811@cse.ogi.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: ; from Rik van Riel on Mon, Jun 07, 1999 at 10:08:12AM +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org * Rik van Riel : > > That is a non-sequetor. There is no "this distro"; "securedistro" is > > for sharing information among several "secure Linux" projects which > > have, for a variety of reasons, chosen not to merge. Some are > > US-based, some are not. > > I think we can put all strong crypto packages on a non-US > site. Working together is not just in general design plans > and technical stuff -- we can also use it to get around > stupid legislation :) > Stupid legislation indeed. One of the reasons I started kha0s was to help draw attention (in the U.S.) to just how useful and necessary strong crypto is. If this list can developers get around draconian and short sighted legislation, that would be wonderful. As an aside, I've found this list quite helpful already, as it has given me a better idea of just what people will demand out of a secure system. Best Regards, -- Scott Fallin kha0s Linux http://kha0s.org saf@kha0s.org Better Living Through Extreme Paranoia - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 18:25:28 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA15430 for securedistros-list; Mon, 7 Jun 1999 18:25:28 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id SAA15290 for ; Mon, 7 Jun 1999 18:25:19 +0200 Received: (qmail 27325 invoked from network); 7 Jun 1999 16:25:57 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 16:25:57 -0000 Date: Mon, 7 Jun 1999 13:25:57 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org Subject: Re: wish list (3 replies digestified) In-Reply-To: <199906070525.GAA06277@notatla.demon.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Antonomasia wrote: > From: Brandon Craig Rhodes > > o Uses postfix by default instead of sendmail. > IBM's current licence prevents this. It may improve. Why not use qmail? Cristiano Lincoln Mattos Recife / Brazil - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 18:27:29 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA16479 for securedistros-list; Mon, 7 Jun 1999 18:27:29 +0200 Received: from netralink.hotlink.com.br (netralink.hotlink.com.br [200.249.243.1]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id SAA16311 for ; Mon, 7 Jun 1999 18:27:16 +0200 Received: (qmail 27904 invoked from network); 7 Jun 1999 16:27:54 -0000 Received: from netralink.hotlink.com.br (HELO netralink) (200.249.243.1) by netralink.hotlink.com.br with SMTP; 7 Jun 1999 16:27:54 -0000 Date: Mon, 7 Jun 1999 13:27:54 -0300 (EST) From: Cristiano Lincoln Mattos To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org There is syslog-ng, a replacemente for syslogd, which can filter logs based on string matching (i dont know if it supports regex'es yet, but it's getting there). Also, it should in the future implement hashes of log files, to detect tampering. Cristiano Lincoln Mattos Recife / Brazil On Mon, 7 Jun 1999, Sebastian Fallert wrote: > - A tool which uses regexes to analyse Logfiles. I'm sure this exists > even in connection with the usual distros but without regexes which have > proven to be useful. I think it's important also a common user can always > overlook what's going on in his logfiles w/o having to browse through k's > of lines. > > > Cheers, > -Sebastian > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 18:35:31 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA00956 for securedistros-list; Mon, 7 Jun 1999 18:35:31 +0200 Received: from mx.nkm.lt (qmailr@nkm.tdd.lt [193.219.211.9]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id SAA00856 for ; Mon, 7 Jun 1999 18:35:23 +0200 Received: (qmail 26729 invoked from network); 7 Jun 1999 16:35:18 -0000 Received: from nkm.tdd.lt (HELO mx.nkm.lt) (midom@193.219.211.9) by nkm.tdd.lt with SMTP; 7 Jun 1999 16:35:18 -0000 Date: Mon, 7 Jun 1999 18:35:18 +0200 (CEST) From: Domas Mituzas X-Sender: midom@mx.nkm.lt To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > There is syslog-ng, a replacemente for syslogd, which > can filter logs based on string matching (i dont know if it > supports regex'es yet, but it's getting there). Also, it should > in the future implement hashes of log files, to detect tampering. if the matter is about logging - at first /dev/log (or any other pipe or socket to syslog or syslogd) should be wither 660 with group "logging", either syslog or whatever is used should have ACLS for users - which ones can add entries tu kernel emerg log (by default every user can do this). So it is rather easy to fake records. Also a good feature is append only logfiles, and syslogd running as user "logdaemon" which is not root, as it happens always. To make Linux or any other OS secure it is necessary to look not only into buffer owerflows, but also what these proggies do in their normal operation mode :) With respect, Domas Mituzas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 18:46:41 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA25819 for securedistros-list; Mon, 7 Jun 1999 18:46:41 +0200 Received: from jackstraw.syr.edu (IDENT:root@sudial0306-051.syr.edu [128.230.151.51]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id SAA25654 for ; Mon, 7 Jun 1999 18:46:30 +0200 Received: from calvert.syr.edu (calvert [192.168.4.69]) by jackstraw.syr.edu (8.9.3/8.9.3) with SMTP id MAA08886 for ; Mon, 7 Jun 1999 12:48:03 -0400 From: Douglas Elznic To: securedistros@nl.linux.org Subject: Re: Secured vs. Security Distros and Wish Lists Date: Mon, 7 Jun 1999 12:46:27 -0400 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain References: MIME-Version: 1.0 Message-Id: <99060712473600.05277@calvert.syr.edu> Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Tue, 08 Jun 1999, you wrote: > While we're talking about which tools should be included in a "secure" > Linux distribution, I think we need to make the distinction between > between Security-Oriented distributions (such as Trinux) and what I > believe the purpose of this list--to created a secure (or better yet, > hardened) version of Linux. A hardened version of Linux would not (or > should not) contain sniffers, port scanners, password crackers, etc. while > a security distribution would. > Why _SHOULD_ it not contain these tools. I do not see why it should not maybe it does not need them to be secure but there is no reason it should not have these tools. Furthermore there is a lot to be said for using these tools against your own system to make sure it is secure. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 18:56:16 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA17843 for securedistros-list; Mon, 7 Jun 1999 18:56:16 +0200 Received: from fep03-svc.tin.it (mta03-acc.tin.it [212.216.176.34]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id SAA17807 for ; Mon, 7 Jun 1999 18:56:07 +0200 Received: from a-er1-26.tin.it ([212.216.56.57]) by fep03-svc.tin.it (InterMail v4.0 201-221-105) with ESMTP id <19990607165551.MEOR20919.fep03-svc@a-er1-26.tin.it> for ; Mon, 7 Jun 1999 18:55:51 +0200 Date: Mon, 7 Jun 1999 18:51:29 +0200 (CEST) From: Emanuele X-Sender: root@r00t.DisLESSici.ORG To: securedistros@nl.linux.org Subject: Re: Secured vs. Security Distros and Wish Lists In-Reply-To: <99060712473600.05277@calvert.syr.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi at all, I think that with tcpdump for example you can see net traffic (it isn't only a program for cracker), and you can see and understand strange LAN traffic. With portscanner such as nmap you can found a backdoor on high port and with a password cracker such as jripper you can crack and unshadows a passwd file and send the result to the users that have stupid password. Byebye, Emanuele -- Hi Echelon!, none of your business. ntfLANder@ircnet -- Punk is not sad -- www.disLESSici.org/ntf - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:09:28 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA14091 for securedistros-list; Mon, 7 Jun 1999 19:09:28 +0200 Received: from juno.princetontele.com (juno.princetontele.com [38.244.162.51]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA13999 for ; Mon, 7 Jun 1999 19:09:03 +0200 Received: from hermes.princetontele.com (hermes.princetontele.com [192.168.6.2]) by juno.princetontele.com (Postfix) with ESMTP id 4E5B083D4 for ; Mon, 7 Jun 1999 13:08:59 -0400 (EDT) Received: from fleck.princetontele.com (fleck.princetontele.com [192.168.6.31]) by hermes.princetontele.com (Postfix) with ESMTP id 8152826D94 for ; Mon, 7 Jun 1999 13:08:58 -0400 (EDT) Received: by fleck.princetontele.com (Postfix, from userid 500) id 4A4D5B47A; Mon, 7 Jun 1999 13:08:58 -0400 (EDT) X-Mailer: exmh version 2.1.0 04/14/1999 To: securedistros@nl.linux.org Subject: Re: wish list (3 replies digestified) In-Reply-To: Your message of "Mon, 07 Jun 1999 13:25:57 -0300." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 07 Jun 1999 13:08:57 -0400 From: Chip Christian Message-Id: <19990607170858.4A4D5B47A@fleck.princetontele.com> Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org One good reason: postfix code is *much* easier to read and understand than qmail code. And since the goal is better security... > > On Mon, 7 Jun 1999, Antonomasia wrote: > > > From: Brandon Craig Rhodes > > > o Uses postfix by default instead of sendmail. > > IBM's current licence prevents this. It may improve. > > Why not use qmail? > > Cristiano Lincoln Mattos Recife / Brazil > > > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:16:53 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA27316 for securedistros-list; Mon, 7 Jun 1999 19:16:53 +0200 Received: from scan.atvideo.com (ns1.atvideo.com [204.57.215.3]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA27175 for ; Mon, 7 Jun 1999 19:16:35 +0200 Received: from chadth (chadth.atvideo.com [10.0.0.130]) by scan.atvideo.com (8.9.3/8.9.3) with SMTP id KAA16969 for ; Mon, 7 Jun 1999 10:25:14 -0700 (PDT) From: "Chad Thunberg" To: Subject: RE: wish list Date: Mon, 7 Jun 1999 10:14:01 -0700 Message-ID: <001901beb109$22dc5680$8200000a@atvideo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Most of you probably have seen this but this is a great paper on implementing various crypto tools. http://www.infowar.co.uk/thc/files/thc/anonymous-unix.html Thanks, -Chad -----Original Message----- From: owner-securedistros@humbolt.nl.linux.org [mailto:owner-securedistros@humbolt.nl.linux.org] On Behalf Of Domas Mituzas Sent: Monday, June 07, 1999 9:35 AM To: securedistros@nl.linux.org Subject: Re: wish list > There is syslog-ng, a replacemente for syslogd, which > can filter logs based on string matching (i dont know if it > supports regex'es yet, but it's getting there). Also, it should > in the future implement hashes of log files, to detect tampering. if the matter is about logging - at first /dev/log (or any other pipe or socket to syslog or syslogd) should be wither 660 with group "logging", either syslog or whatever is used should have ACLS for users - which ones can add entries tu kernel emerg log (by default every user can do this). So it is rather easy to fake records. Also a good feature is append only logfiles, and syslogd running as user "logdaemon" which is not root, as it happens always. To make Linux or any other OS secure it is necessary to look not only into buffer owerflows, but also what these proggies do in their normal operation mode :) With respect, Domas Mituzas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:32:14 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA01932 for securedistros-list; Mon, 7 Jun 1999 19:32:14 +0200 Received: from maru (jaleo.idecnet.com [194.179.48.59]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id TAA01855 for ; Mon, 7 Jun 1999 19:32:02 +0200 Received: from jaleo.idecnet.com (nuucp@localhost) by maru (950413.SGI.8.6.12/950213.SGI.AUTOCF) via UUCP id SAA06169 for maru!nl.linux.org!securedistros; Mon, 7 Jun 1999 18:31:21 +0100 Received: from teta by jaleo.idecnet.com via ESMTP (950413.SGI.8.6.12/930416.SGI) for id SAA23741; Mon, 7 Jun 1999 18:26:22 +0100 Received: from jaleo.idecnet.com by teta (950413.SGI.8.6.12) id SAA17917; Mon, 7 Jun 1999 18:26:55 +0100 Message-ID: <375C00D3.909B5AD@jaleo.idecnet.com> Date: Mon, 07 Jun 1999 18:26:45 +0100 From: Martin Mielke Organization: Jaleo Development Team X-Mailer: Mozilla 4.02 [en] (X11; I; IRIX64 6.2 IP28) MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Digest Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hello everybody, is there any way to receive a digest at the end of the day, instead of an email every five minutes? Thanks, Martin - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:39:50 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA15865 for securedistros-list; Mon, 7 Jun 1999 19:39:50 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA15762 for ; Mon, 7 Jun 1999 19:39:42 +0200 Received: from cse.ogi.edu (crispin@dialup-07.cse.ogi.edu [129.95.49.7]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id KAA14385 for ; Mon, 7 Jun 1999 10:39:35 -0700 (PDT) Message-ID: <375C0362.124D1C1@cse.ogi.edu> Date: Mon, 07 Jun 1999 10:37:38 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: References: <199906071513.LAA12559@mcfeely.concentric.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Jeremy Silver wrote: > $ echo subscribe securedistros | mail majordomo@nl.linux.org I take it that this subscription method was deliberately designed to filter out the clueless? :-) Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:42:46 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA19349 for securedistros-list; Mon, 7 Jun 1999 19:42:46 +0200 Received: from alcove.wittsend.com (IDENT:root@alcove.wittsend.com [130.205.0.20]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA19229 for ; Mon, 7 Jun 1999 19:42:36 +0200 Received: (from mhw@localhost) by alcove.wittsend.com (8.9.3/8.9.3) id NAA15614 for securedistros@nl.linux.org; Mon, 7 Jun 1999 13:42:32 -0400 From: "Michael H. Warfield" Message-Id: <199906071742.NAA15614@alcove.wittsend.com> Subject: Re: In-Reply-To: <375C0362.124D1C1@cse.ogi.edu> from Crispin Cowan at "Jun 7, 1999 10:37:38 am" To: securedistros@nl.linux.org Date: Mon, 7 Jun 1999 13:42:32 -0400 (EDT) X-Mailer: ELM [version 2.4ME+ PL56 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Crispin Cowan enscribed thusly: > Jeremy Silver wrote: > > $ echo subscribe securedistros | mail majordomo@nl.linux.org > I take it that this subscription method was deliberately designed to > filter out the clueless? :-) Oh god... If it only could... :-) > Crispin > ----- > Crispin Cowan, Research Assistant Professor of Computer Science, OGI > NEW: Protect Your Linux Host with StackGuard'd Programs :FREE > http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ > > Microsoft: Putting the "lame" in "layman" Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:50:16 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA01592 for securedistros-list; Mon, 7 Jun 1999 19:50:16 +0200 Received: from eclipse.olc.accomack.k12.va.us ([206.241.115.100]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA01374 for ; Mon, 7 Jun 1999 19:49:58 +0200 Received: from olc.accomack.k12.va.us (c250.olc.accomack.k12.va.us [192.168.1.250]) by eclipse.olc.accomack.k12.va.us (8.7.5/8.7.3/urlabs) with ESMTP id NAA03676 for ; Mon, 7 Jun 1999 13:49:04 -0400 (EDT) Message-ID: <375C0AA8.B31ABE@olc.accomack.k12.va.us> Date: Mon, 07 Jun 1999 14:08:40 -0400 From: Mark Organization: Accomack County Public Schools X-Mailer: Mozilla 4.6 [en] (Win95; I) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: References: <199906071742.NAA15614@alcove.wittsend.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org "Michael H. Warfield" wrote: > > Crispin Cowan enscribed thusly: > > Jeremy Silver wrote: > > > > $ echo subscribe securedistros | mail majordomo@nl.linux.org > > > I take it that this subscription method was deliberately designed to > > filter out the clueless? :-) > > Oh god... If it only could... :-) Perhaps the list could filter out messages sent from non-subscribers? I'm not sure if that aligns with the foundation of the list, but it might help cut down spam, especially once the "FREE SEX NOW" spam-bots learn this address. M - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:53:59 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA08310 for securedistros-list; Mon, 7 Jun 1999 19:53:59 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA08094 for ; Mon, 7 Jun 1999 19:53:47 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id TAA21458 for ; Mon, 7 Jun 1999 19:53:13 +0200 Date: Mon, 7 Jun 1999 19:53:13 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: Digest In-Reply-To: <375C00D3.909B5AD@jaleo.idecnet.com> Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Martin Mielke wrote: > is there any way to receive a digest at the end of the day, > instead of an email every five minutes? Yeah, subscribe to securedistros-digest instead of securedistros :) cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 19:58:50 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA12642 for securedistros-list; Mon, 7 Jun 1999 19:58:19 +0200 Received: from txdirect.net (home.opensec.net [209.142.68.10]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA12427 for ; Mon, 7 Jun 1999 19:57:43 +0200 Received: from localhost by txdirect.net with smtp id m10rPSd-0004hoC (Debian Smail-3.2.0.92 1997-Feb-9 #2); Tue, 8 Jun 1999 12:14:51 -0500 (CDT) Date: Tue, 8 Jun 1999 12:14:51 -0500 (CDT) From: Matthew Franz X-Sender: mdfranz@bubba To: securedistros@nl.linux.org Subject: Re: Secured vs. Security Distros and Wish Lists In-Reply-To: <99060712473600.05277@calvert.syr.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > > Why _SHOULD_ it not contain these tools. I do not see why it should > not maybe it does not need them to be secure but there is no reason it > should not have these tools. Furthermore there is a lot to be said for > using these tools against your own system to make sure it is secure. Here a few tools I **wouldn't** want on let's say an external Web/DNS server on my DMZ or on a UNIX based firewall: sniffit - no obvious *defensive* security uses whatsoever, except for scaring folks into using ssh vulnerability scanners (network) - saint/satan/sara and other tools such as mns, nskan, cgichk, etc. that scan for specific network vulnerabilities exploits - DoS stuff, the exploit of the month, remote (ftp, pop, imap, bind, tooltalk, whatever) or local exploits that allow me to overwrite uid 0 files.... Probably not a good idea. port scanners - not as harmful as the others, but let's say I compromise your firewall and you just happen to have nmap sitting in /usr/local/bin/ so you can probe yourself. hmmm... I like it... Or on your webserver, now I can start scanning folks from *your* site.. I like it even better. Part of the problem her is that we have not defined/described what a "secure" Linux distribution or installation is. This will be an extremely difficult problem because security has lots of gray areas. Security is highly dependent on the context. Security is relative to the risk you are willing to accept. If this "secure" fileserver is going to be sitting behind a couple of routers and a firewall and under the watchful eye of a network IDS, it will be totally different from a "secure" ftp or mail server exposed to the world. Sure I've got tcpdump, nmap, and a bunch of stuff I probably shouldn't have on one of my firewalls, but thats because that network isn't a production network and I'm willing to accept the risk of someone compromising that box and using those tools against a bunch of Linux/Sparcs in a classroom which have to be baselined after every class anyway. But would I want those tools included in a Linux distribution that marketed itself as being secure? No. Would I want them I a Linux distribution that marketed itself as being good for probing other boxes and testing for vulnerabilities, by all means. -mdf ________________________________________________________________________ Matthew D. Franz mdfranz@txdirect.net http://www.trinux.org Trinux: A Linux Security Toolkit http://www.opensec.net OpenSEC: Open Security Solutions - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 21:30:55 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA23642 for securedistros-list; Mon, 7 Jun 1999 21:30:55 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id VAA23349 for ; Mon, 7 Jun 1999 21:30:44 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id VAA22592 for ; Mon, 7 Jun 1999 21:23:31 +0200 Date: Mon, 7 Jun 1999 21:23:31 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: In-Reply-To: <375C0AA8.B31ABE@olc.accomack.k12.va.us> Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Mark wrote: > "Michael H. Warfield" wrote: > Perhaps the list could filter out messages sent from > non-subscribers? I'm not sure if that aligns with the foundation > of the list, but it might help cut down spam, NL.linux.org uses RBL. We're quite safe from spam -- I guess about one message per month gets through to _all_ mailing lists on the site... Besides, closing the list is pretty much out of the question for a project like this. Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 21:36:32 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA00744 for securedistros-list; Mon, 7 Jun 1999 21:36:32 +0200 Received: from raven.bu.edu (RAVEN.BU.EDU [128.197.128.31]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id VAA00665 for ; Mon, 7 Jun 1999 21:36:22 +0200 Received: from localhost (jehahn@localhost) by raven.bu.edu ((8.8.8.buoit.v1.0)/8.8.8/(BU-S-10/08/98-v1.0)) with ESMTP id PAA23279 for ; Mon, 7 Jun 1999 15:36:18 -0400 (EDT) Message-Id: <199906071936.PAA23279@raven.bu.edu> To: securedistros@nl.linux.org Subject: Secured vs. Security Distros and Wish Lists In-reply-to: Your message of "Tue, 08 Jun 1999 12:14:51 CDT." Date: Mon, 07 Jun 1999 15:36:18 -0400 From: Justin Hahn Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org [snip a lot of details] > But would I want those tools included in a Linux distribution that > marketed itself as being secure? No. Would I want them I a Linux > distribution that marketed itself as being good for probing other boxes > and testing for vulnerabilities, by all means. I'm not sure I see the big deal here. I recently had a machine compromised (it seems sun's ufsrestore patch doesn't close the holes it is supposed to...) and I had some script kiddies running around one of my boxen. They *BROUGHT* nmap with them (along with some other fun toys). Once you have a shell running, with a network connection, you can find a way to bring anything in you want. This isn't to say I advocate installing scanners on your firewalls. That's not a good idea. But I don't see the big deal of having being a package in a distribution. I wouldn't make it something that comes default installed, but I'd certainly make it something you could get if you wanted it. If that's stupid, I'm not seeing it. ----------------------------------------------- Justin Hahn Systems Administrator Boston University SPI Lab ----------------------------------------------- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 21:55:05 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA11227 for securedistros-list; Mon, 7 Jun 1999 21:55:05 +0200 Received: from mx.nkm.lt (qmailr@nkm.tdd.lt [193.219.211.9]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id VAA11113 for ; Mon, 7 Jun 1999 21:54:55 +0200 Received: (qmail 28664 invoked from network); 7 Jun 1999 19:54:51 -0000 Received: from nkm.tdd.lt (HELO mx.nkm.lt) (midom@193.219.211.9) by nkm.tdd.lt with SMTP; 7 Jun 1999 19:54:51 -0000 Date: Mon, 7 Jun 1999 21:54:51 +0200 (CEST) From: Domas Mituzas X-Sender: midom@mx.nkm.lt To: securedistros@nl.linux.org Subject: Re: Secured vs. Security Distros and Wish Lists In-Reply-To: <199906071936.PAA23279@raven.bu.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > toys). Once you have a shell running, with a network connection, you > can find a way to bring anything in you want. here comes the issue of secured kernel in a secure system. with linux 2.0 when securelevel is >0 no such toys are working... neither tcpdump, neither nmap. so, when talking about secure distro there should be thought about such projects as linux-privs, medusa etc. only kernel-level protection can help from kiddies. and about solaris - that ufs patch really was not working (I was script kiddie once... :( there can be no compilator, but nobody can stop kiddies from sending precompiled binaries via ftp/mail/scp/rcp/whatever works :-) it can be even done by using printf "\25\132\..." script, generated on other computer and pasted into terminal :-) So the possible guidelines for secure linux distribution may be: 1. restricted exec() 2. securelevel on 2.0 3. securebits on 2.2 4. linux-privs on 2.3 (2.2?) - capabilities. 5. something in medusa kernel - checking it right now 6. chrooted environments (as vaults in hp vvos) 7. no system at all (or hp virtualvault :-) this may sound like a paranoia, but if there are no such linux distributions, people may use redhat. userspace programs can be installed/upgraded/removed everywhere. another thing in trusted os should be auditing. I saw something happening, but it didn't reach users right now. again, auditing should be kernel level (syslog is still userlevel thing :-/ ) With respect, Domas Mituzas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 21:58:33 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA15946 for securedistros-list; Mon, 7 Jun 1999 21:58:33 +0200 Received: from mail.inka.de (mail@quechua.inka.de [212.227.14.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id VAA15881 for ; Mon, 7 Jun 1999 21:58:25 +0200 Received: from dungeon.inka.de by mail.inka.de with uucp (rmailwrap 0.4) id 10r5XJ-0008SZ-00; Mon, 7 Jun 1999 21:58:21 +0200 Received: by dungeon.inka.de (Postfix, from userid 1000) id BB2C3B7858; Mon, 7 Jun 1999 21:43:46 +0200 (CEST) Date: Mon, 7 Jun 1999 21:43:46 +0200 From: Andreas Jellinghaus To: securedistros@nl.linux.org Subject: device permissions Message-ID: <19990607214346.A13745@dungeon.inka.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org if someone has realy much time, check the list of devices (included in the linux kernel source code), look at the device source or talk to the author and find secure permissions for devices. i don't expect major problems - nobody grants devices to /dev/hd* to non-root (except debian and maybe others, they have a group disk). but maybe nobody took the time to secure mouse devices. and with some mouse devices you can make your x server hang, or even worse stuff (see bugtraq report on psaux, about 2 years old). stuff like this, there will be a lot. another example: what rights should be given to isdn users on isdn devices ? getting status information revelas the caller/callee number. writing can do worse ? don't know. nothing big, but it could be worth to invest some time here. andreas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 22:02:20 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id WAA20807 for securedistros-list; Mon, 7 Jun 1999 22:02:20 +0200 Received: from newman.cs.purdue.edu (0@newman.cs.purdue.edu [128.10.2.6]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id WAA20754 for ; Mon, 7 Jun 1999 22:02:08 +0200 Received: from lemuria.cs.purdue.edu (0@lemuria.cs.purdue.edu [128.10.17.66]) by newman.cs.purdue.edu (8.8.7/8.8.7/PURDUE_CS-2.0) with ESMTP id PAA04836 for ; Mon, 7 Jun 1999 15:02:04 -0500 (EST) Received: from localhost (670@localhost [127.0.0.1]) by lemuria.cs.purdue.edu (8.8.7/8.8.7/PURDUE_CS-2.0) with SMTP id PAA15731 for ; Mon, 7 Jun 1999 15:02:03 -0500 (EST) Message-Id: <199906072002.PAA15731@lemuria.cs.purdue.edu> X-Authentication-Warning: lemuria.cs.purdue.edu: 670@localhost [127.0.0.1] didn't use HELO protocol X-Mailer: exmh version 2.0.1 12/23/97 To: securedistros@humbolt.nl.linux.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 07 Jun 1999 15:02:02 -0500 From: daniels@cs.purdue.edu (Tom Daniels) Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org auth a596a833 subscribe securedistros daniels@cs.purdue.edu - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 22:10:03 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id WAA01139 for securedistros-list; Mon, 7 Jun 1999 22:10:03 +0200 Received: from colombina.comedia.it (colombina.comedia.it [212.4.17.10]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id WAA00868 for ; Mon, 7 Jun 1999 22:09:50 +0200 Received: (from bluca@localhost) by colombina.comedia.it (8.99.99/8.99.99) id WAA12440 for securedistros@nl.linux.org; Mon, 7 Jun 1999 22:05:03 +0200 Date: Mon, 7 Jun 1999 22:05:02 +0200 From: Luca Berra To: securedistros@nl.linux.org Subject: Re: Message-ID: <19990607220502.A12129@colombina.comedia.it> References: <375C0AA8.B31ABE@olc.accomack.k12.va.us> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/0.96.1i In-Reply-To: ; from Rik van Riel on Mon, Jun 07, 1999 at 09:23:31PM +0200 X-Operating-System: Linux Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, Jun 07, 1999 at 09:23:31PM +0200, Rik van Riel wrote: > On Mon, 7 Jun 1999, Mark wrote: > > "Michael H. Warfield" wrote: > > > Perhaps the list could filter out messages sent from > > non-subscribers? I'm not sure if that aligns with the foundation > > of the list, but it might help cut down spam, > > NL.linux.org uses RBL. We're quite safe from spam -- I guess > about one message per month gets through to _all_ mailing > lists on the site... what about putting taboo_body << END echo subscribe securedistros END in the list config file -- Luca Berra -- bluca@comedia.it Communications Media & Services S.r.l. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 22:12:08 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id WAA02562 for securedistros-list; Mon, 7 Jun 1999 22:12:08 +0200 Received: from kiwi.pyro.net (qmailr@pyrotechnics.com [207.7.10.2]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id WAA02434 for ; Mon, 7 Jun 1999 22:11:54 +0200 Received: (qmail 2229 invoked by uid 689); 7 Jun 1999 20:13:00 -0000 Date: Mon, 7 Jun 1999 15:13:00 -0500 (CDT) From: John Pierce X-Sender: hawkfan@kiwi.pyro.net To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <37331051.F215DCE4@linux.enter-net.com.br> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Fri, 7 May 1999, Renato Murilo Langona wrote: > From: Renato Murilo Langona > Subject: Re: wish list > > So I supose a secure distribution MUST have stronger documentation > regarding these topics (watch lists, frequently updates, self critic > using free audit tools...) for the admins (aka general users) ... > I think this is the most important part. Detailed and up to date documentation is critical in a secure system. Both admins and users need to know exactly what the consequences of running certain software and changing settings. Mailing list archives are not enough, I'd recommend accompanying each package shipped with a detailed description of its audit status, *possible* vulnerabilities introduced by installing or running it and precautions that can be taken to avoid them. Presenting the option to subscribe to a security update only mailing list during the install would probably help too. I'd guess that most users and admin's would make better decisions re: security if they were better informed. John.. -- John Pierce | Finger for PGP key or see: hawkfan@pyrotechnics.com | http://www.pyrotechnics.com/~hawkfan/ Fingerprint: 5F FC 0A 2D D6 FD B9 3E 57 34 E5 96 AB FC 9D 13 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 7 22:17:11 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id WAA07582 for securedistros-list; Mon, 7 Jun 1999 22:17:11 +0200 Received: from alcove.wittsend.com (IDENT:root@alcove.wittsend.com [130.205.0.20]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id WAA07372 for ; Mon, 7 Jun 1999 22:16:59 +0200 Received: (from mhw@localhost) by alcove.wittsend.com (8.9.3/8.9.3) id QAA18515 for securedistros@nl.linux.org; Mon, 7 Jun 1999 16:16:55 -0400 From: "Michael H. Warfield" Message-Id: <199906072016.QAA18515@alcove.wittsend.com> Subject: Re: In-Reply-To: <19990607220502.A12129@colombina.comedia.it> from Luca Berra at "Jun 7, 1999 10:05:02 pm" To: securedistros@nl.linux.org Date: Mon, 7 Jun 1999 16:16:55 -0400 (EDT) X-Mailer: ELM [version 2.4ME+ PL56 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Luca Berra enscribed thusly: > On Mon, Jun 07, 1999 at 09:23:31PM +0200, Rik van Riel wrote: > > On Mon, 7 Jun 1999, Mark wrote: > > > "Michael H. Warfield" wrote: > > > Perhaps the list could filter out messages sent from > > > non-subscribers? I'm not sure if that aligns with the foundation > > > of the list, but it might help cut down spam, > > NL.linux.org uses RBL. We're quite safe from spam -- I guess > > about one message per month gets through to _all_ mailing > > lists on the site... I use a combination of RBL, ORBS (Open Relay Behavior-modification System) and DSSL (Dynamic-ip Spam Source List). Fairly low false positive hit ratio (other than toad.com and the cypherpunks list - why do they permit unrestricted spam relaying?). DSSL really nails a LOT of spam and almost no false positives. I don't use IMRSS (which polls for open relay sites whether they've been abused or not) or the Shub lists (which are more agressive spam black lists). > what about putting > taboo_body << END > echo subscribe securedistros > END That's one level of idiot filtering. You would be amaze at how may ways there are to mispeel "subscribe", "unsubscribe", "remove", or "leave". But that has nothing to do with SPAM! > in the list config file > -- > Luca Berra -- bluca@comedia.it > Communications Media & Services S.r.l. Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 00:04:42 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA17496 for securedistros-list; Tue, 8 Jun 1999 00:04:42 +0200 Received: from poteidaia.utdallas.edu (poteidaia.utdallas.edu [129.110.10.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA17405 for ; Tue, 8 Jun 1999 00:04:34 +0200 Received: from pc2738.utdallas.edu (pc2738.utdallas.edu [129.110.27.38]) by poteidaia.utdallas.edu (8.9.1/8.9.1/null-3.5) with ESMTP id RAA19621 for ; Mon, 7 Jun 1999 17:04:30 -0500 (CDT) Date: Mon, 07 Jun 1999 17:02:52 -0500 From: Paul L Schmehl To: securedistros@nl.linux.org Subject: Re: Message-ID: <1062037015.928774972@pc2738.utdallas.edu> In-Reply-To: <375C0362.124D1C1@cse.ogi.edu> Originator-Info: login-id=pauls; server=inbox-p.utdallas.edu X-Mailer: Mulberry (Win32) [1.4.2, s/n S-398085] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Whoever successfully completes *that* algorithm can retire to the Bahamas. :-) --On 6/7/99, 10:37 AM -0700 Crispin Cowan wrote: > Jeremy Silver wrote: > >> $ echo subscribe securedistros | mail majordomo@nl.linux.org > > I take it that this subscription method was deliberately designed to > filter out the clueless? :-) > > Crispin > ----- > Crispin Cowan, Research Assistant Professor of Computer Science, OGI > NEW: Protect Your Linux Host with StackGuard'd Programs :FREE > http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ > > Microsoft: Putting the "lame" in "layman" > > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ Paul L. Schmehl, pauls@utdallas.edu Technical Support Services Manager The University of Texas at Dallas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 00:35:17 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA15919 for securedistros-list; Tue, 8 Jun 1999 00:35:17 +0200 Received: from monkey.nss.nu ([193.15.107.93]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA15857 for ; Tue, 8 Jun 1999 00:35:10 +0200 Received: from antisocial.junknet (dialup61-4-56.swipnet.se [130.244.61.248]) by monkey.nss.nu (8.8.8/8.8.8/Debian/GNU) with ESMTP id AAA16254 for ; Tue, 8 Jun 1999 00:45:42 +0200 Date: Mon, 7 Jun 1999 22:36:59 +0000 (GMT) From: Thomas Habets X-Sender: thompa@antisocial.junknet To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Rik van Riel wrote: >Not really. At least one of the distributions is hosted >in the Netherlands, besides, it's not forbidden to export >strong crypto in source form... Er... then why was pgp exported as a book and OCRed? --------- typedef struct me_s { char name[] = { "Thomas Habets" }; char email[] = { "thomas@habets.pp.se" }; char os[] = { "Linux 2.2" }; char *pgpKey[] = { "finger -m thompa@nss.nu" }; } me_t; - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 00:53:34 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA05841 for securedistros-list; Tue, 8 Jun 1999 00:53:34 +0200 Received: from mail.and.org (root@hoth.vader.org [194.159.100.250]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA05792 for ; Tue, 8 Jun 1999 00:53:26 +0200 Received: from nevyn by mail.and.org with local (Exim 3.01 #1) id 10r8HJ-0002p5-00 for securedistros@nl.linux.org; Mon, 07 Jun 1999 23:54:01 +0100 To: securedistros@nl.linux.org Subject: Re: wish list References: From: James Antill Mime-Version: 1.0 (generated by tm-edit 7.108) Content-Type: text/plain; charset=US-ASCII Date: 07 Jun 1999 23:54:00 +0100 In-Reply-To: Emanuele's message of "Mon, 7 Jun 1999 13:38:29 +0200 (CEST)" Message-ID: Lines: 46 X-Mailer: Gnus v5.5/XEmacs 20.4 - "Emerald" Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Emanuele writes: > hi at all!, > Some interesting feature that i think are important: > > > - Compile distro with stackguard The problem with this is that some exploits could just turn into DOS attacks. It's be better IMO if this wasn't _needed_ Ie. the source was audited ... but could be chosen if you were really paranoid (and had cycles to waste). > - Use tripwire by default This isn't easy to do, to run tripwire (or similar products) you need to do major work (pretty much minimum of read only media -- and better if you have the readonly media on a second box which only does outgoing connections to your "secure" box to generate the new hashes). > - Install tcp|udp|icmp log > - Script to configure tcpd/wrapper during the installation Persoanlly I'd prefer no software that needed inetd and hence tcp wrappers -- yes I know you can use it in external programs but most (all?) also provide their own mechanisms. > - Nmap, nessus and other audit tool > - Ssh (of course :-) > - SSLftp, SSLeay > - Nidsbench (an intrusion detection tool) > - Smail or qmail > - Route kernel patch? (there are for kernel v2.2?) > - Tool/script to help for ipchains configure > - Tcpdump/sniffit > - Passwd cracker (jripper is good) I'd also prefer a non "normal" auth mechanism, so this goes out ... 2048 bit gpg with the private keys only accesible by root ? -- James Antill -- james@and.org If you go to the Third World and find 100 people who have never tasted ketchup before, you find out two things: one is that people don't actually like tomato ketchup, the other is that they dislike all ketchups equally. -- Rob Young. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 00:54:29 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA06211 for securedistros-list; Tue, 8 Jun 1999 00:54:29 +0200 Received: from poteidaia.utdallas.edu (poteidaia.utdallas.edu [129.110.10.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA06044 for ; Tue, 8 Jun 1999 00:54:01 +0200 Received: from pc2738.utdallas.edu (pc2738.utdallas.edu [129.110.27.38]) by poteidaia.utdallas.edu (8.9.1/8.9.1/null-3.5) with ESMTP id RAA22934 for ; Mon, 7 Jun 1999 17:53:56 -0500 (CDT) Date: Mon, 07 Jun 1999 17:52:19 -0500 From: Paul L Schmehl To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <1065003931.928777939@pc2738.utdallas.edu> In-Reply-To: Originator-Info: login-id=pauls; server=inbox-p.utdallas.edu X-Mailer: Mulberry (Win32) [1.4.2, s/n S-398085] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org The rules were recently changed....kind of. The US Ninth Circuit Court of Appeals recently upheld the ruling of a lower court that prohibiting the "exportation" of strong crypto source code constituted prior restraint and was therefore unconstitutional. However, the US Government may appeal the case and request a stay of the order, and in which case it *will* end up in the US Supreme Court. I expect the Supreme Court will uphold the lower court's ruling, but one never knows until the Justices have rendered their opinion. Until it does, the "exportation" of strong crypto source is "legal" in the Ninth Circuit only (which includes most of the Western United States, Hawaii, Guam and the Northern Mariana Islands), but no where else in the US. However, since the government has requested a stay, it *may* still be illegal even in the Ninth Circuit (although I doubt anyone could be convicted *if* the SC upholds the ruling.) You can learn more about it here: http://www.eff.org/bernstein/19990507_eff_pressrel.html --On 6/7/99, 10:36 PM +0000 Thomas Habets wrote: > On Mon, 7 Jun 1999, Rik van Riel wrote: > >> Not really. At least one of the distributions is hosted >> in the Netherlands, besides, it's not forbidden to export >> strong crypto in source form... > > Er... then why was pgp exported as a book and OCRed? > > --------- > typedef struct me_s { > char name[] = { "Thomas Habets" }; > char email[] = { "thomas@habets.pp.se" }; > char os[] = { "Linux 2.2" }; > char *pgpKey[] = { "finger -m thompa@nss.nu" }; > } me_t; > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ Paul L. Schmehl, pauls@utdallas.edu Technical Support Services Manager The University of Texas at Dallas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 01:45:52 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA10487 for securedistros-list; Tue, 8 Jun 1999 01:45:52 +0200 Received: from finch-post-10.mail.demon.net (finch-post-10.mail.demon.net [194.217.242.38]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA10437 for ; Tue, 8 Jun 1999 01:45:43 +0200 Received: from [194.222.156.169] (helo=notatla.demon.co.uk) by finch-post-10.mail.demon.net with esmtp (Exim 2.12 #1) id 10r95H-000A8B-0A for securedistros@nl.linux.org; Mon, 7 Jun 1999 23:45:40 +0000 Received: (from ant@localhost) by notatla.demon.co.uk (noyb/noyb) id AAA05162 for securedistros@nl.linux.org; Tue, 8 Jun 1999 00:40:08 +0100 Date: Tue, 8 Jun 1999 00:40:08 +0100 From: Antonomasia Message-Id: <199906072340.AAA05162@notatla.demon.co.uk> To: securedistros@nl.linux.org Subject: ideal tripwire environment Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org James Antill : > > - Use tripwire by default > This isn't easy to do, to run tripwire (or similar products) you need > to do major work (pretty much minimum of read only media -- and better > if you have the readonly media on a second box which only does > outgoing connections to your "secure" box to generate the new > hashes). If you slip a kernel and tiny linux install onto a floppy - including mount, tripwire, gzip and such - and if you don't mind rebooting to carry out your tripwire check - you can run _all_ the code involved off media you trust. I.e. you prepared the floppy somewhere safe. You then carry the database away on that or another floppy. No intruder gets the chance to change it (and has no evidence tripwire was ever run.) (You can checksum MS stuff too this way, but I'm not sure tripwire reads NTFS filemodes.) www.linuxrouter.org has some impressive minimalist code and it surprised me how much zipped software you can fit onto a minix-format floppy. -- ############################################################## # Antonomasia ant@notatla.demon.co.uk # # See http://www.notatla.demon.co.uk/ # ############################################################## - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 02:03:49 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA28635 for securedistros-list; Tue, 8 Jun 1999 02:03:49 +0200 Received: from pixie.mit.edu (IDENT:root@PIXIE.MIT.EDU [18.238.0.85]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id CAA28564 for ; Tue, 8 Jun 1999 02:03:41 +0200 Received: by pixie.mit.edu (Linux Smail3.2.0.101 #1) id m10r9Mf-00108jC; Mon, 7 Jun 1999 20:03:37 -0400 (EDT) To: securedistros@nl.linux.org Subject: Encrypted SMTP (was Re: wish list) References: <199906071907.EAA13354@fiend.securesys.com.au> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> From: Ray Jones In-Reply-To: Raj Mathur's message of Mon, 7 Jun 1999 18:41:50 +0530 (IST) Date: 07 Jun 1999 20:03:37 -0400 Message-ID: Lines: 71 X-Mailer: Gnus v5.2.37/Emacs 19.30 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Raj Mathur writes: > Uhm, sorry about the default VM message munging... > > Anyhow, I feel that it's more important to have user-level mail > encryption rather than system- or connection-level encryption. Not > that the latter is not important! However, the arguments are: > > 1. System- and connection-level encryption is a massive load on the > CPU. If all (or most) of your SMTP connections are encrypted, which > is presumably what we're aiming for, then your CPU will be doing > nothing except handling 20 open SMTP connections at any given time. It's not that massive, in my experience (limited, I admit). Disk access time seems to be more of the bottleneck, in most cases. > 2. The remote system has to support encrypted SMTP, and I don't know > of too many servers around today which do. I'm willing to be > disabused of this notion in case it isn't true. This is a chicken-and-egg problem. If this isn't the place to start moving towards such a system, I don't know where there would be one. Besides, supporting it isn't the same as requiring it. > 3. Privacy issues still remain with encrypted connections, since > finally the message reposes in a non-encrypted form on the target > machines hard disk. This is a significantly different threat model, one which is unrelated to the one that encrypted SMTP tries to solve (eavesdropping). The argument is a strawman, anyway, since it can be fixed straightforwardly by storing mail messages PKE'd for the user they are addressed to. > 4. I haven't read the RFC (OK, you can flame me for that!), but > presumably there's some way of switching between encrypted and > unencrypted sessions between two servers which talk SSL SMTP. In case > there isn't, it's a waste of resources to send letters to your Mom > encrypted (unless your Dad's name happens to be Kevin M ;-) *Not using encrypted communication when it's available is almost always the wrong thing.* It gives the eavesdropper a strong hint that they chould concentrate their resources on the encrypted communication. You've leaked a single bit of information, but it's one with high value. It's also an invitation to accidentally send something in the clear when you meant to encrypt it. > Keeping this in mind, I'd rather focus on user-level security, > i.e. PGP, GnuPG or an equivalent. There the user has the choice of > whether to encrypt the message or not, and privacy is much much > higher. In other words, encrypt the payload and let the connection > take care of itself. These methods are less than optimal because they fail to hide as much information as they should. Mail headers are for the most part left in the clear. Traffic analysis is in many cases more important than content analysis. Fully encrypted exchanges are one step closer to where you want to be. (Mixmaster/Onion routing goes even further...) Ray Jones -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.7 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE3XF2lY4NKW4VSSGARAmxiAJ45Y8p0+j6wkUZ6NGue9EH+N1dXQgCeOFWa UO13nhlg/izezaPnA7ket88= =1Ln4 -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 05:04:57 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id FAA27071 for securedistros-list; Tue, 8 Jun 1999 05:04:57 +0200 Received: from mail.roava.net (IDENT:root@[209.54.158.4]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id FAA26816 for ; Tue, 8 Jun 1999 05:04:46 +0200 Received: from eris.kha0s.org (agent.of.kha0s.org [209.54.158.58]) by mail.roava.net (8.9.1/8.9.1) with ESMTP id XAA08511 for ; Mon, 7 Jun 1999 23:04:41 -0400 Received: by eris.kha0s.org via sendmail from stdin id (Debian Smail3.2.0.101) for securedistros@nl.linux.org; Mon, 7 Jun 1999 14:58:04 -0700 (PDT) Date: Mon, 7 Jun 1999 14:58:04 -0700 From: Scott Fallin To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <19990607145803.A1954@kha0s.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: ; from Kendall Lister on Mon, Jun 07, 1999 at 11:04:16PM +1000 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org * Kendall Lister : > On Mon, 7 Jun 1999, Rik van Riel wrote: > > > Not really. At least one of the distributions is hosted in the > > Netherlands, besides, it's not forbidden to export strong crypto in > > source form... > > Actually, it is, from the US at least. What is not forbidden is the > exporting of books containing source code in printed form, hence the PGP > non-US scanning project. > There was a recent appeals court ruling in the Bernstein case, which has been interpreted by some as stating that source code qualifies as protected speach under the First Amendment to the US Constitution. Given that higher courts do not always listen to courts of appeal, we will have to see where this leads. It is, however, a step in the Right Direction(tm). -- Scott Fallin kha0s Linux http://kha0s.org saf@kha0s.org Better Living Through Extreme Paranoia - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 05:28:11 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id FAA03284 for securedistros-list; Tue, 8 Jun 1999 05:28:11 +0200 Received: from purgatory.fdf.net (qmailr@purgatory.fdf.net [63.64.249.53]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id FAA03114 for ; Tue, 8 Jun 1999 05:27:59 +0200 Received: (qmail 26264 invoked from network); 8 Jun 1999 03:27:53 -0000 Received: from alcatraz.fdf.net (HELO alcatraz) (63.64.249.51) by purgatory.fdf.net with SMTP; 8 Jun 1999 03:27:53 -0000 Message-Id: <4.2.0.56.19990607222533.0099d1c0@purgatory.fdf.net> X-Sender: jailbird@purgatory.fdf.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.56 (Beta) Date: Mon, 07 Jun 1999 22:26:38 -0500 To: securedistros@nl.linux.org From: Dustin Marquess Subject: Re: wish list In-Reply-To: <37331051.F215DCE4@linux.enter-net.com.br> References: <199906071420.HAA16948@hipmail13.gohip.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org At 11:09 AM 5/7/99 , you wrote: >Hz, > >scooby sir wrote: > > > > > The problem is that to have a truly secure machine(linux or non linux) > you must > > watch lists like bugtraq, and install patches as soon as > vulnerabilities are > > discovered. You can develop an extreemly secure machine, but 6 months > later if > > no updates were applied the machine it could be wide open. The fact is > you cant > > > > make sys admins update their machines. > > >So I supose a secure distribution MUST have stronger documentation >regarding these topics (watch lists, frequently updates, self critic >using free audit tools...) for the admins (aka general users) ... One idea may be a cron'd program that checks against the main distribution site for updates and either automatically updates packages, or notifies the admin about the new packages. Of course if you had it do it automatically you'd want things like PGP checks and such... -Dustin - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 05:38:16 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id FAA31560 for securedistros-list; Tue, 8 Jun 1999 05:38:16 +0200 Received: from purgatory.fdf.net (qmailr@purgatory.fdf.net [63.64.249.53]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id FAA31488 for ; Tue, 8 Jun 1999 05:37:58 +0200 Received: (qmail 26428 invoked from network); 8 Jun 1999 03:37:53 -0000 Received: from alcatraz.fdf.net (HELO alcatraz) (63.64.249.51) by purgatory.fdf.net with SMTP; 8 Jun 1999 03:37:53 -0000 Message-Id: <4.2.0.56.19990607223208.00988340@purgatory.fdf.net> X-Sender: jailbird@purgatory.fdf.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.56 (Beta) Date: Mon, 07 Jun 1999 22:33:14 -0500 To: securedistros@nl.linux.org From: Dustin Marquess Subject: Re: wish list (3 replies digestified) In-Reply-To: <19990607170858.4A4D5B47A@fleck.princetontele.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org At 12:08 PM 6/7/99 , you wrote: >One good reason: postfix code is *much* easier to read and understand than >qmail code. And since the goal is better security... > > > > > On Mon, 7 Jun 1999, Antonomasia wrote: > > > > > From: Brandon Craig Rhodes > > > > o Uses postfix by default instead of sendmail. > > > IBM's current licence prevents this. It may improve. > > > > Why not use qmail? Of course the qmail source is harder to read. Djb wrote his own C library so that qmail is invulnerable to bugs in the OS's libc. On the other hand, nobody has ever claimed the $1000 qmail security challenge money... -Du -Dustin - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 06:59:01 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id GAA05557 for securedistros-list; Tue, 8 Jun 1999 06:59:01 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id GAA05349 for ; Tue, 8 Jun 1999 06:58:48 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id GAA28160 for ; Tue, 8 Jun 1999 06:58:18 +0200 Date: Tue, 8 Jun 1999 06:58:18 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: In-Reply-To: <19990607220502.A12129@colombina.comedia.it> Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Luca Berra wrote: > On Mon, Jun 07, 1999 at 09:23:31PM +0200, Rik van Riel wrote: > > On Mon, 7 Jun 1999, Mark wrote: > > NL.linux.org uses RBL. We're quite safe from spam -- I guess > > about one message per month gets through to _all_ mailing > > lists on the site... > > what about putting > taboo_body << END > echo s*bscr*be securedistros > END OK, done. (lines changed to allow this reply to come through) Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 06:59:27 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id GAA05678 for securedistros-list; Tue, 8 Jun 1999 06:59:27 +0200 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id GAA05600; Tue, 8 Jun 1999 06:59:06 +0200 Date: Tue, 8 Jun 1999 06:59:06 +0200 Message-Id: <199906080459.GAA05600@nl.linux.org> To: securedistros@nl.linux.org From: Majordomo@humbolt.nl.linux.org Subject: Majordomo results Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -- >>>> auth a596a833 subscribe securedistros daniels@cs.purdue.edu **** Address already subscribed to securedistros >>>> >>>> - END OF COMMANDS - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 07:28:31 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id HAA25229 for securedistros-list; Tue, 8 Jun 1999 07:28:31 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id HAA25155 for ; Tue, 8 Jun 1999 07:28:20 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id HAA28359 for ; Tue, 8 Jun 1999 07:27:53 +0200 Date: Tue, 8 Jun 1999 07:27:53 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: Majordomo results In-Reply-To: <199906080459.GAA05600@nl.linux.org> Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Tue, 8 Jun 1999 Majordomo@humbolt.nl.linux.org wrote: > >>>> auth a596a833 subscribe securedistros daniels@cs.purdue.edu > **** Address already subscribed to securedistros Sorry for that... I used 'b'ounce instead of 'f'orward to get one of the erroneous confirms to majordomo -- shouldn't happen again because of the new filtering rules. cheers, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 10:42:10 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA06206 for securedistros-list; Tue, 8 Jun 1999 10:42:10 +0200 Received: from home2.netland.nl (IDENT:root@mx1.netland.nl [193.67.32.55]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id KAA06103 for ; Tue, 8 Jun 1999 10:41:59 +0200 Received: from proxy.office.netland.nl (root@router2.office.netland.nl [193.67.32.38]) by home2.netland.nl (8.8.7/8.8.7) with ESMTP id KAA28633 for ; Tue, 8 Jun 1999 10:41:17 +0200 Received: from office.netland.nl (root@intra.office.netland.nl [195.109.134.10]) by proxy.office.netland.nl (8.8.7/8.8.7) with ESMTP id KAA24556 for ; Tue, 8 Jun 1999 10:41:09 +0200 Received: from netland.nl (raarts@quark.office.netland.nl [195.109.134.65]) by office.netland.nl (8.8.7/8.8.7) with ESMTP id KAA22365 for ; Tue, 8 Jun 1999 10:41:21 +0200 Message-ID: <375CD6FF.7027D54C@netland.nl> Date: Tue, 08 Jun 1999 08:40:31 +0000 From: Ron Arts Organization: Netland Internet Services X-Mailer: Mozilla 4.5 [en] (X11; I; Linux 2.0.36 i686) X-Accept-Language: nl,en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: Encrypted SMTP (was Re: wish list) References: <199906071907.EAA13354@fiend.securesys.com.au> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Ray Jones wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Raj Mathur writes: > > > Uhm, sorry about the default VM message munging... > > > > Anyhow, I feel that it's more important to have user-level mail > > encryption rather than system- or connection-level encryption. Not > > that the latter is not important! However, the arguments are: > > > > 1. System- and connection-level encryption is a massive load on the > > CPU. If all (or most) of your SMTP connections are encrypted, which > > is presumably what we're aiming for, then your CPU will be doing > > nothing except handling 20 open SMTP connections at any given time. > > It's not that massive, in my experience (limited, I admit). Disk > access time seems to be more of the bottleneck, in most cases. > According to my experience with HTTP servers (I am responsible for over a thousand) HTTPS request are at least 10 times as CPU intensive as normal requests. This is a pretty well known fact among SSL users and experts. Tests have shown that webservers that could normally handle tens to hundreds of requests per second bogged down to as low as three per second when everything went through the SSL port. It has gotten to the point where several suppliers are offering dedicated hardware to decrypt SSL traffic on secure servers. Raj's estimate sounds reasonable to me. > > 2. The remote system has to support encrypted SMTP, and I don't know > > of too many servers around today which do. I'm willing to be > > disabused of this notion in case it isn't true. > > This is a chicken-and-egg problem. If this isn't the place to start > moving towards such a system, I don't know where there would be one. > Besides, supporting it isn't the same as requiring it. > If all SMTP sessions in the world would be SSL, then the amount of installed CPU power would definitely need to rise a lot.... > > 3. Privacy issues still remain with encrypted connections, since > > finally the message reposes in a non-encrypted form on the target > > machines hard disk. > > This is a significantly different threat model, one which is unrelated > to the one that encrypted SMTP tries to solve (eavesdropping). The > argument is a strawman, anyway, since it can be fixed > straightforwardly by storing mail messages PKE'd for the user they are > addressed to. > > > 4. I haven't read the RFC (OK, you can flame me for that!), but > > presumably there's some way of switching between encrypted and > > unencrypted sessions between two servers which talk SSL SMTP. In case Yes, there is. An ESMTP mailserver indicates it is SSL capable, and then the client can then ask the server to start an SSL handshake on their session. I haven't seen a sendmail implementation of this, but I think I saw one for Wietse Venema's new mailer that was adapted by IBM. Ron Arts > > there isn't, it's a waste of resources to send letters to your Mom > > encrypted (unless your Dad's name happens to be Kevin M ;-) > > *Not using encrypted communication when it's available is almost > always the wrong thing.* It gives the eavesdropper a strong hint that > they chould concentrate their resources on the encrypted > communication. You've leaked a single bit of information, but it's > one with high value. It's also an invitation to accidentally send > something in the clear when you meant to encrypt it. > > > Keeping this in mind, I'd rather focus on user-level security, > > i.e. PGP, GnuPG or an equivalent. There the user has the choice of > > whether to encrypt the message or not, and privacy is much much > > higher. In other words, encrypt the payload and let the connection > > take care of itself. > > These methods are less than optimal because they fail to hide as much > information as they should. Mail headers are for the most part left > in the clear. Traffic analysis is in many cases more important than > content analysis. Fully encrypted exchanges are one step closer to > where you want to be. (Mixmaster/Onion routing goes even further...) > > Ray Jones > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v0.9.7 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iD8DBQE3XF2lY4NKW4VSSGARAmxiAJ45Y8p0+j6wkUZ6NGue9EH+N1dXQgCeOFWa > UO13nhlg/izezaPnA7ket88= > =1Ln4 > -----END PGP SIGNATURE----- > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 12:45:40 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id MAA11740 for securedistros-list; Tue, 8 Jun 1999 12:45:40 +0200 Received: from do.nachtwacht.nl (pino.demon.nl [194.159.226.41]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id MAA11661 for ; Tue, 8 Jun 1999 12:45:33 +0200 Received: from localhost (arjan@localhost) by do.nachtwacht.nl (8.8.7/8.8.7) with ESMTP id MAA00769 for ; Tue, 8 Jun 1999 12:44:40 +0200 Date: Tue, 8 Jun 1999 12:44:40 +0200 (CEST) From: Arjan Vos X-Sender: arjan@do.nachtwacht.nl To: securedistros@nl.linux.org Subject: Be careful... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org ....that not too much goodies are implemented by default. I saw several discussions and whish lists fly by about what should be included in a secure distro.... I would like to point out that in my opinion not too much should be included in the basic distro. Hold on to the KISS principle (Keep It Stupid and Simple) but create good (and secure :-)) facilities so that (security) packages can be implemented easily. I always liked OpenBSD's approach for that: basic installation, but packages can be added via CVS... I hate distros that I still need to strip after having done a minimal installation in the first place.... (Marc, are you listening?) Gr. Arjan ---- Eat hard Sleep hard Wear glasses if you need them - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 15:07:58 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA19764 for securedistros-list; Tue, 8 Jun 1999 15:07:58 +0200 Received: from pixie.mit.edu (IDENT:root@PIXIE.MIT.EDU [18.238.0.85]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id PAA19682 for ; Tue, 8 Jun 1999 15:07:50 +0200 Received: by pixie.mit.edu (Linux Smail3.2.0.101 #1) id m10rLbX-00108jC; Tue, 8 Jun 1999 09:07:47 -0400 (EDT) To: securedistros@nl.linux.org Subject: Re: Encrypted SMTP (was Re: wish list) References: <199906071907.EAA13354@fiend.securesys.com.au> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> <375CD6FF.7027D54C@netland.nl> From: Ray Jones In-Reply-To: Ron Arts's message of Tue, 08 Jun 1999 08:40:31 +0000 Date: 08 Jun 1999 09:07:47 -0400 Message-ID: Lines: 40 X-Mailer: Gnus v5.2.37/Emacs 19.30 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ron Arts writes: > According to my experience with HTTP servers (I am responsible for > over a thousand) HTTPS request are at least 10 times as CPU > intensive as normal requests. This is a pretty well known fact > among SSL users and experts. I can certainly believe that. Encryption is a lot more CPU intensive than just copying a buffer. CPU-intensiveness isn't the only limit to speed, though. > Tests have shown that webservers that could normally handle tens to > hundreds of requests per second bogged down to as low as three per > second when everything went through the SSL port. Is this 3 new session-key generations going on per second, or just 3 pages served per second with previously generated keys? > If all SMTP sessions in the world would be SSL, then the amount > of installed CPU power would definitely need to rise a lot.... ... which is going to happen anyway. IPSec will drive the increase if encrypted SMTP doesn't. It's a cost/benefit analysis. Unfortunately, many people won't see the benefit that they get for encrypting all of their messages, even the ones that they're not concerned about being compromised. Ray Jones -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.7 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE3XRWcY4NKW4VSSGARAtfIAJ46GcesgHvyUILsK3fD71sv+Vh8ZgCgjCfU E9z1ez5jFNEVrrEE8oQ7o08= =xhh7 -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 15:13:25 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA29819 for securedistros-list; Tue, 8 Jun 1999 15:13:25 +0200 Received: from original.killa.net ([209.178.120.5]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id PAA29694 for ; Tue, 8 Jun 1999 15:13:11 +0200 Received: (qmail 4433 invoked by uid 501); 8 Jun 1999 13:13:01 -0000 Date: 8 Jun 1999 06:13:01 -0700 Date: Tue, 8 Jun 1999 06:13:01 -0700 From: "Anthony D. Urso" To: securedistros@nl.linux.org Subject: Re: wish list Message-ID: <19990608061301.A4405@original> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Pere Camps on Mon, Jun 07, 1999 at 12:39:58AM +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, Jun 07, 1999 at 12:39:58AM +0200, Pere Camps wrote: > I think that even only if you have one service open, then it's > pretty useless to have a single-firewalled host. > > It's much more esasir to simply comment out a service in inetd and > add the proper line in /etc/hosts.allow. > Essentially, hosts.deny only protects if the daemon is forked from inetd with tcpd, or the daemon is compiled with the tcp wrapper libraries. Either way will lay in a performance hit with each connection. xinetd and/or proper ipchains filtering are more suitable solutions, respectively, for most systems. Also, ipchains rules are not in themselves a firewall, they just instruct the kernel to deny or drop packets. No proxying is done. -- Au PGP Key ID: 0x385B44CB Fingerprint: 9E9E B116 DB2C D734 C090 E72F 43A0 95C4 385B 44CB lottery(n): A tax on people who are bad at math. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 17:01:28 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA03878 for securedistros-list; Tue, 8 Jun 1999 17:01:28 +0200 Received: from home2.netland.nl (IDENT:root@mx1.netland.nl [193.67.32.55]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA03826 for ; Tue, 8 Jun 1999 17:01:19 +0200 Received: from proxy.office.netland.nl (root@router2.office.netland.nl [193.67.32.38]) by home2.netland.nl (8.8.7/8.8.7) with ESMTP id RAA17421 for ; Tue, 8 Jun 1999 17:01:13 +0200 Received: from office.netland.nl (root@intra.office.netland.nl [195.109.134.10]) by proxy.office.netland.nl (8.8.7/8.8.7) with ESMTP id RAA26267 for ; Tue, 8 Jun 1999 17:01:07 +0200 Received: from netland.nl (raarts@quark.office.netland.nl [195.109.134.65]) by office.netland.nl (8.8.7/8.8.7) with ESMTP id RAA04216 for ; Tue, 8 Jun 1999 17:01:20 +0200 Message-ID: <375D3024.71E3F57F@netland.nl> Date: Tue, 08 Jun 1999 15:00:52 +0000 From: Ron Arts Organization: Netland Internet Services X-Mailer: Mozilla 4.5 [en] (X11; I; Linux 2.0.36 i686) X-Accept-Language: nl,en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: Encrypted SMTP (was Re: wish list) References: <199906071907.EAA13354@fiend.securesys.com.au> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> <375CD6FF.7027D54C@netland.nl> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Ray Jones wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Ron Arts writes: > > > According to my experience with HTTP servers (I am responsible for > > over a thousand) HTTPS request are at least 10 times as CPU > > intensive as normal requests. This is a pretty well known fact > > among SSL users and experts. > > I can certainly believe that. Encryption is a lot more CPU intensive > than just copying a buffer. CPU-intensiveness isn't the only limit to > speed, though. > > > Tests have shown that webservers that could normally handle tens to > > hundreds of requests per second bogged down to as low as three per > > second when everything went through the SSL port. > > Is this 3 new session-key generations going on per second, or just 3 > pages served per second with previously generated keys? > I found it here http://www.techweb.com/se/directlink.cgi?INW19990524S0002 Ron Arts - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 17:18:38 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA19528 for securedistros-list; Tue, 8 Jun 1999 17:18:38 +0200 Received: from juno.princetontele.com (juno.princetontele.com [38.244.162.51]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA19464 for ; Tue, 8 Jun 1999 17:18:27 +0200 Received: from hermes.princetontele.com (hermes.princetontele.com [192.168.6.2]) by juno.princetontele.com (Postfix) with ESMTP id BD2AA83D3 for ; Tue, 8 Jun 1999 11:18:23 -0400 (EDT) Received: from fleck.princetontele.com (fleck.princetontele.com [192.168.6.31]) by hermes.princetontele.com (Postfix) with ESMTP id 68D1A26D94 for ; Tue, 8 Jun 1999 11:18:23 -0400 (EDT) Received: by fleck.princetontele.com (Postfix, from userid 500) id 8CE59B47A; Tue, 8 Jun 1999 11:18:23 -0400 (EDT) X-Mailer: exmh version 2.1.0 04/14/1999 To: securedistros@nl.linux.org Subject: Re: wish list (3 replies digestified) In-Reply-To: Your message of "Mon, 07 Jun 1999 22:33:14 CDT." <4.2.0.56.19990607223208.00988340@purgatory.fdf.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 08 Jun 1999 11:18:23 -0400 From: Chip Christian Message-Id: <19990608151823.8CE59B47A@fleck.princetontele.com> Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Wietse tried to, but he and DJB disagree about what is and isn't a security problem. jailbird@alcatraz.fdf.net said: > On the other hand, nobody has ever claimed the $1000 qmail > security challenge money... - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 17:36:38 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA09769 for securedistros-list; Tue, 8 Jun 1999 17:36:38 +0200 Received: from juno.princetontele.com (juno.princetontele.com [38.244.162.51]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA09671 for ; Tue, 8 Jun 1999 17:36:29 +0200 Received: from hermes.princetontele.com (hermes.princetontele.com [192.168.6.2]) by juno.princetontele.com (Postfix) with ESMTP id 0072A83D3 for ; Tue, 8 Jun 1999 11:36:25 -0400 (EDT) Received: from fleck.princetontele.com (fleck.princetontele.com [192.168.6.31]) by hermes.princetontele.com (Postfix) with ESMTP id A709D26D95 for ; Tue, 8 Jun 1999 11:36:25 -0400 (EDT) Received: by fleck.princetontele.com (Postfix, from userid 500) id CA365B47A; Tue, 8 Jun 1999 11:36:25 -0400 (EDT) X-Mailer: exmh version 2.1.0 04/14/1999 To: securedistros@nl.linux.org Subject: Re: Encrypted SMTP (was Re: wish list) In-Reply-To: Your message of "Tue, 08 Jun 1999 08:40:31 -0000." <375CD6FF.7027D54C@netland.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 08 Jun 1999 11:36:25 -0400 From: Chip Christian Message-Id: <19990608153625.CA365B47A@fleck.princetontele.com> Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org raarts@netland.nl said: > I haven't seen a sendmail implementation of this, but I think I saw > one for Wietse Venema's new mailer that was adapted by IBM. Seems lie it. Here's the one message I've seen on the topic (well, 2; someone asked about this topic yesterday and Wietse forwarded this message): Lutz.Jaenicke@aet.TU-Cottbus.DE said: > This message is crossposted to the Postfix users list and the OpenSSL > users list. > Hi out there! > by looking for a good way to allow mail relaying for our roaming > users, I had the idea to use TLS with Netscape and client > certificates. Of course, it turned out more difficult than expected, > as it is not enough to just run "sslwrap" or "stunnel" around the SMTP > port. It was necessary to implement (parts of) RFC 2487. > After digging around a little bit I found postfix to be the best > readable and extendable source code, so I decided to use postfix as a > base and write a patchkit using the OpenSSL library > I have now a working (at least for me :-) version ready and want to > invite other people to participate in the development and test (and/or > just use) my enhancement. > You can access the software from our website > http://www.aet.tu-cottbus.de/personen/jaenicke/pfixtls/ The outfit is > a little bit raw as of now, but that may improve in the future :-) > Of course, I would like to hear your comments and bug reports or even > better bug fixes... > Best regards, > Lutz Jaenicke -- Lutz Jaenicke > Lutz.Jaenicke@aet.TU-Cottbus.DE BTU Cottbus http:// > www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine > Elektrotechnik Tel. +49 355 69-4129 > Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 17:44:41 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA28814 for securedistros-list; Tue, 8 Jun 1999 17:44:41 +0200 Received: from newman.cs.purdue.edu (0@newman.cs.purdue.edu [128.10.2.6]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA28732 for ; Tue, 8 Jun 1999 17:44:33 +0200 Received: from lemuria.cs.purdue.edu (0@lemuria.cs.purdue.edu [128.10.17.66]) by newman.cs.purdue.edu (8.8.7/8.8.7/PURDUE_CS-2.0) with ESMTP id KAA26099 for ; Tue, 8 Jun 1999 10:44:28 -0500 (EST) Received: from localhost (670@localhost [127.0.0.1]) by lemuria.cs.purdue.edu (8.8.7/8.8.7/PURDUE_CS-2.0) with SMTP id KAA18791; Tue, 8 Jun 1999 10:44:23 -0500 (EST) Message-Id: <199906081544.KAA18791@lemuria.cs.purdue.edu> X-Authentication-Warning: lemuria.cs.purdue.edu: 670@localhost [127.0.0.1] didn't use HELO protocol X-Mailer: exmh version 2.0.1 12/23/97 To: securedistros@nl.linux.org cc: daniels@cs.purdue.edu Subject: Re: ideal tripwire environment In-reply-to: Your message of "Tue, 08 Jun 1999 00:40:08 +0100." <199906072340.AAA05162@notatla.demon.co.uk> X-Face: $&4)m~T}JQ8kSk3NnQ}Xw0gI8+J!w'=CC1A~7FvJ\+kU>;%k6cWnN"99R`z$9T3|T|`oH%9 ?k!wK1bF]$B"EpO5{cT_4afm|hRYr:v(k`PH>H8,qW|+"da5nOxw!*}Z:QF#:aGvvZ<-8_e_PSG~FK J<[pZn'*"D0Jca.^]C,&45{~YinRne3UX"j1({A7hmwOj]!ae`Z%lZ$_912eFrjU#I;Db/uy:u>U0r 4J`5lxMZ~Oe35 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 08 Jun 1999 10:44:23 -0500 From: daniels@cs.purdue.edu (Tom Daniels) Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -------- > > James Antill : > > > > - Use tripwire by default > > > This isn't easy to do, to run tripwire (or similar products) you need > > to do major work (pretty much minimum of read only media -- and better > > if you have the readonly media on a second box which only does > > outgoing connections to your "secure" box to generate the new > > hashes). The real point here is: - supply a tripwire database tweaked for the distribution so that it is much easier to start using tripwire. - even if you don't run tripwire in the safest possible mode, it can still be immensely useful to figure out what a script kiddie has done to your system. Besides, most of the attackers I run into, don't even delete tcpwrapper logs! Let alone, muck with your tripwire database. - As someone else pointed out, provide the option of creating a tripwire rescue floppy or CD-R. While no one will argue that running tripwire off of a hard drive is as safe as via remote r/o mount (or whatever), it is still MUCH better than not running it at all. My $0.02, Tom - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 18:29:26 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA30156 for securedistros-list; Tue, 8 Jun 1999 18:29:26 +0200 Received: from www.invisible.org ([195.88.156.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id SAA30071 for ; Tue, 8 Jun 1999 18:29:16 +0200 Received: (from marc@localhost) by www.invisible.org (8.8.8/8.8.8) id SAA00531 for securedistros@nl.linux.org; Tue, 8 Jun 1999 18:27:48 +0200 From: Marc Message-Id: <199906081627.SAA00531@www.invisible.org> Subject: Re: Be careful... In-Reply-To: from Arjan Vos at "Jun 8, 99 12:44:40 pm" To: securedistros@nl.linux.org Date: Tue, 8 Jun 1999 18:27:48 +0200 (MEST) X-Mailer: ELM [version 2.4ME+ PL37 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi Arjan, > ....that not too much goodies are implemented by default. I saw several > discussions and whish lists fly by about what should be included in a > secure distro.... I would like to point out that in my opinion not too > much should be included in the basic distro. Hold on to the KISS principle > (Keep It Stupid and Simple) but create good (and secure :-)) facilities so > that (security) packages can be implemented easily. > > I always liked OpenBSD's approach for that: basic installation, but > packages can be added via CVS... I hate distros that I still need to strip > after having done a minimal installation in the first place.... (Marc, are > you listening?) ( yes, I'm listening ;-), you can just run harden_suse.pl after installation and it is tightly stripped afterwards [and for those who don't know me, I'm responsible for the security of the SuSE Linux distribution]) I think there are two directions to go with a secure linux distro. The first is just a hardened one. Take a common distro, strip it, add some stuff and there you have the securelinux distro. Thats what's being talked about here. I really like openbsd but they too just did that, and, well, I don't really think this is worth the time to spend on. In my opinion a secure linux shouldn't be a linux ;-) If you want to have something secure, you need a secure basic design. The problem with unix begins with the one and mighty superuser root, goes over to a missing trusted computing base, labels for data, etc. (yes, some commercial unixes or add-on products have got these features. We need these on linux and/or BSD too) Then take a look at the kernel. A big thing with features for everything, and your kernel will panic if one part of it goes wrong. What is needed is a good secure basic design. Then rewrite the kernel to have only one small kern and many modules, where when one modules dies ofr any reason (eg. tcpip module) everything else is still stable. No root, but roles and capabilities, labels, etc. etc. Then the rest of the system should be written and/or ported. The result would be an operating system which can run linux and/or bsd stuff, but is nativly not a real unix. However, this is very much work. And I think this is something which can only be done commercially also the result might be (I hope!) open source. You could not trust the securelinux distros discussed on this list or openbsd because it still has got it basic vulnerabilities it struggles to keep close. Greets, Marc - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 18:40:35 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA25125 for securedistros-list; Tue, 8 Jun 1999 18:40:35 +0200 Received: from attic.replay.com (attic.replay.com [192.87.30.19]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id SAA25079 for ; Tue, 8 Jun 1999 18:40:27 +0200 Received: (from usura@localhost) by attic.replay.com (8.9.2/8.9.2/Replay Associates) id SAA01085 for securedistros@nl.linux.org; Tue, 8 Jun 1999 18:40:11 +0200 (CEST) From: Alex de Joode Message-Id: <199906081640.SAA01085@attic.replay.com> Subject: Re: ideal tripwire environment To: securedistros@nl.linux.org Date: Tue, 8 Jun 1999 18:40:10 +0200 (CEST) In-Reply-To: <199906081544.KAA18791@lemuria.cs.purdue.edu> from "Tom Daniels" at Jun 8, 99 10:44:23 am X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > > James Antill : > > > > > > - Use tripwire by default > > > > > This isn't easy to do, to run tripwire (or similar products) you need > > > to do major work (pretty much minimum of read only media -- and better > > > if you have the readonly media on a second box which only does > > > outgoing connections to your "secure" box to generate the new > > > > hashes). > > The real point here is: > - supply a tripwire database tweaked for the distribution so that it is much > easier to start using tripwire. > - even if you don't run tripwire in the safest possible mode, it can still be > immensely useful to figure out what a script kiddie has done to your system. > Besides, most of the attackers I run into, don't even delete tcpwrapper logs! > Let alone, muck with your tripwire database. > - As someone else pointed out, provide the option of creating a tripwire > rescue floppy or CD-R. > > While no one will argue that running tripwire off of a hard drive is as safe > as via remote r/o mount (or whatever), it is still MUCH better than not > running it at all. > You also could have a copy of the database on a CFS drive (cryptofilesystem). (plus a copy of the tools the linux root kits like to 'change'. (ps/ls/who etc) -aj- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 19:53:42 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA27640 for securedistros-list; Tue, 8 Jun 1999 19:53:42 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA27571 for ; Tue, 8 Jun 1999 19:53:18 +0200 Received: from cse.ogi.edu (crispin@dialup-08.cse.ogi.edu [129.95.49.8]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id KAA13396 for ; Tue, 8 Jun 1999 10:53:12 -0700 (PDT) Message-ID: <375CBC00.CC6511FA@cse.ogi.edu> Date: Mon, 07 Jun 1999 23:45:21 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list References: <009701beb073$5699cc00$0400010a@mustang.guarded.net> <4.2.0.56.19990607101523.009609a0@purgatory.fdf.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Dustin Marquess wrote: > At 06:38 AM 6/7/99 , you wrote: > >hi at all!, > > Some interesting feature that i think are important: > > > > > >- Compile distro with stackguard > StackGuard seems to provide a cover-up, at the cost of > speed. This speed is unnoticable in small programs, but when you get into > large MySQL databases and such, it probably will be. Whether its a cover-up or a defense against future bugs is entirely a function of how actively you patch your system. StackGuard was designed primarily to provide a defense against unknown vulnerabilities. It's just convenient that it also allows you to be lazy about patching :-) Regarding performance: our measurements show exactly the opposite of your conjecture. StackGuard overhead on small programs is substantial, but is so small that it is difficult to measure for large programs. We benchmarked StackGuard-protected Apache with the Webstone benchmark, and the performance is a wash. > I am also a firm believer that the actually code should be > fixed. Fix the code and send a patch to the maintainer. This way > everybody reaps the benefits of having a secure program, and we don't have > to deal with StackGuard. So am I. Were you aware that when you attempt to exploit a vulnerability that StackGuard defends, it syslogs the system with the name of the program AND THE FUNCTION that is being exploited? StackGuard tries to help in keeping your code patched by telling you what needs patching. > Now of course this doesn't help if a new bug is found. I have > been toying with the idea of using StackGuard on anything that is going to > be suid root, just as an added layer of paranoia. Exactly. You also need to StackGuard anything that root is going to run as a matter of course, and anything that root leaves running on an on-going basis, and anything that binds to a network port and thus could be exploited by a remote attacker. We couldn't figure out what that set is, either :-) so we just StackGuarded everything. > I've also been working on a bash script to detect stupid coding > mistakes such as insecure strcpy()'s and such, and allow the user to let There's also versions of libraries that bitch when you link to unsafe functions like strcpy(). Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 19:53:44 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA27644 for securedistros-list; Tue, 8 Jun 1999 19:53:44 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA27597 for ; Tue, 8 Jun 1999 19:53:22 +0200 Received: from cse.ogi.edu (crispin@dialup-08.cse.ogi.edu [129.95.49.8]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id KAA13410 for ; Tue, 8 Jun 1999 10:53:17 -0700 (PDT) Message-ID: <375CBE4E.708373F1@cse.ogi.edu> Date: Mon, 07 Jun 1999 23:55:10 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list (3 replies digestified) References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Cristiano Lincoln Mattos wrote: > On Mon, 7 Jun 1999, Antonomasia wrote: > > > From: Brandon Craig Rhodes > > > o Uses postfix by default instead of sendmail. > > IBM's current licence prevents this. It may improve. I'd like to hear about why "IBM's current license" prevents a secure distro from using it. IBM's current license has a potential bomb in it that could cause a secure distro to suddenly have to cease using it, but that's different from "can't". It's just a calculated risk. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 19:53:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA27648 for securedistros-list; Tue, 8 Jun 1999 19:53:45 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA27568 for ; Tue, 8 Jun 1999 19:53:18 +0200 Received: from cse.ogi.edu (crispin@dialup-08.cse.ogi.edu [129.95.49.8]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id KAA13382 for ; Tue, 8 Jun 1999 10:53:08 -0700 (PDT) Message-ID: <375CB8A3.30CB29AB@cse.ogi.edu> Date: Mon, 07 Jun 1999 23:30:59 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Milan Pikula - WWW wrote: > On Mon, 7 Jun 1999, scooby sir wrote: > > W>Well, > W> If i were to contribute suggestions for a secure distro of linux, > W>it would be this: > W> i) Ship it with the international linux patch installed > W> www.kerneli.org > W> ii) Install the non-executable stack patch > > this is not a real solution.. this is a joke. there are many ways, how to > override this protection and this makes me to label it as > 'security by obscurity'. Nonsense. The non-executable stack patch (and StackGuard) prevent attacks against specific classes of vulnerabilities. With the protections enabled, these vulnerabilities CANNOT be exploited: you have to go find DIFFERENT vulnerabilities. For that reason, they are not 'security by obscurity', they are legitimate security enhancements. Bonus points: either one of them alone can stop a MAJORITY of common security attacks, and together they stop even more. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 20:00:01 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA28998 for securedistros-list; Tue, 8 Jun 1999 19:59:19 +0200 Received: from mirkwood.nl.linux.org (root@agratax.demon.nl [212.238.108.69]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA28808 for ; Tue, 8 Jun 1999 19:58:32 +0200 Received: from localhost (riel@localhost) by mirkwood.nl.linux.org (8.9.0/8.9.3) with ESMTP id TAA02978 for ; Tue, 8 Jun 1999 19:45:52 +0200 Date: Tue, 8 Jun 1999 19:45:51 +0200 (CEST) From: Rik van Riel To: securedistros@nl.linux.org Subject: Re: Be careful... In-Reply-To: Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Tue, 8 Jun 1999, Arjan Vos wrote: > ....that not too much goodies are implemented by default. I saw > several discussions and whish lists fly by about what should be > included in a secure distro.... I would like to point out that in > my opinion not too much should be included in the basic distro. What should and should not be included in a distribution is something to be fought out on the mailing lists of the distributions, not on the multi-distro mailing list. I suggest people take this discussion to 'their own' mailing lists: kha0s: kha0s-dev@kha0s.org (??) secure Linux: securelinux@reseau.nl regards, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Tue Jun 8 20:15:12 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id UAA03986 for securedistros-list; Tue, 8 Jun 1999 20:15:12 +0200 Received: from pixie.mit.edu (IDENT:root@PIXIE.MIT.EDU [18.238.0.85]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id UAA03981 for ; Tue, 8 Jun 1999 20:15:03 +0200 Received: by pixie.mit.edu (Linux Smail3.2.0.101 #1) id m10rQOq-00108jC; Tue, 8 Jun 1999 14:15:00 -0400 (EDT) To: securedistros@nl.linux.org Subject: Re: Encrypted SMTP (was Re: wish list) References: <199906071907.EAA13354@fiend.securesys.com.au> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> <375CD6FF.7027D54C@netland.nl> <375D3024.71E3F57F@netland.nl> From: Ray Jones In-Reply-To: Ron Arts's message of Tue, 08 Jun 1999 15:00:52 +0000 Date: 08 Jun 1999 14:15:00 -0400 Message-ID: Lines: 34 X-Mailer: Gnus v5.2.37/Emacs 19.30 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ron Arts writes: > > Ray Jones wrote: > > Is this 3 new session-key generations going on per second, or just 3 > > pages served per second with previously generated keys? > > I found it here > http://www.techweb.com/se/directlink.cgi?INW19990524S0002 Reading through this, I get the impression it's 3 new connections (key negotiations) per second (instead of, for instance, 100 for unencrypted traffic). The cost of the symmetric encryption isn't mentioned in the article, but I assume it's not the bottleneck. (The article isn't very explicit. I could be wrong in my understanding of it.) This is bad news for SMTP, since its traffic is made up of short-lived sessions, but there might be ways to lessen the impact (multi-session keys, for instance). Ray Jones -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.7 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE3XV2iY4NKW4VSSGARAry2AJwOCv5D3vHtf8clCOumflhsLtru+wCfch3D ++nvZiggN7Lux/Z9Woje6UE= =upss -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 11:38:04 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA08551 for securedistros-list; Wed, 9 Jun 1999 11:20:05 +0200 Received: from terra.geo.uu.nl (terra.geo.uu.nl [131.211.29.16]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA08358 for ; Wed, 9 Jun 1999 11:19:11 +0200 From: louis@pcmagic.net Received: from mail-q1.pcmagic.net (mail-q1.pcmagic.net [206.117.211.8]) by terra.geo.uu.nl (8.9.0/8.9.0/TvZ) with SMTP id DAA07199 for ; Wed, 9 Jun 1999 03:46:03 +0200 (MET DST) Received: (qmail 21349 invoked by uid 3301); 8 Jun 1999 18:44:53 -0700 Received: from ppp-207-151-70-62.dialup.pcmagic.net (HELO louis) (207.151.70.62) by mail-q1.pcmagic.net with SMTP; 8 Jun 1999 18:44:53 -0700 Message-Id: <3.0.6.32.19990608183428.00966e90@mail.pcmagic.net> X-Sender: louis@mail.pcmagic.net X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.6 (32) Date: Tue, 08 Jun 1999 18:34:28 -0700 To: securedistros@nl.linux.org Subject: Re: Be careful... In-Reply-To: <199906081627.SAA00531@www.invisible.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Wow! This level of candor and insight is unusual on a linux mailing list! This finally explains to me why we constantly are getting security alerts. Thanks Marc for explaining the essential limitation of linux, BSD, and unix in general. This is a real eye-opener. I'll never look at linux or BSD the same. Saludos--Louis Yes, Marc. You wrote: ... > >In my opinion a secure linux shouldn't be a linux ;-) >If you want to have something secure, you need a secure basic design. >The problem with unix begins with the one and mighty superuser root, goes >over to a missing trusted computing base, labels for data, etc. (yes, some >commercial unixes or add-on products have got these features. We need these >on linux and/or BSD too) > >Then take a look at the kernel. A big thing with features for everything, >and your kernel will panic if one part of it goes wrong. > >What is needed is a good secure basic design. Then rewrite the kernel to >have only one small kern and many modules, where when one modules dies ofr >any reason (eg. tcpip module) everything else is still stable. No root, but >roles and capabilities, labels, etc. etc. >Then the rest of the system should be written and/or ported. > >The result would be an operating system which can run linux and/or bsd >stuff, but is nativly not a real unix. > >However, this is very much work. And I think this is something which can >only be done commercially also the result might be (I hope!) open source. > >You could not trust the securelinux distros discussed on this list or openbsd >because it still has got it basic vulnerabilities it struggles to keep close. > > >Greets, > Marc >- >Securedistros: A common list for all secured Linux distributions >Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 11:39:04 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA08937 for securedistros-list; Wed, 9 Jun 1999 11:22:37 +0200 Received: from terra.geo.uu.nl (terra.geo.uu.nl [131.211.29.16]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA08841 for ; Wed, 9 Jun 1999 11:21:49 +0200 Received: from do.nachtwacht.nl (pino.demon.nl [194.159.226.41]) by terra.geo.uu.nl (8.9.0/8.9.0/TvZ) with ESMTP id XAA04141 for ; Tue, 8 Jun 1999 23:52:43 +0200 (MET DST) Received: from localhost (arjan@localhost) by do.nachtwacht.nl (8.8.7/8.8.7) with ESMTP id XAA01477 for ; Tue, 8 Jun 1999 23:50:45 +0200 Date: Tue, 8 Jun 1999 23:50:45 +0200 (CEST) From: Arjan Vos X-Sender: arjan@do.nachtwacht.nl To: securedistros@nl.linux.org Subject: Re: Be careful... In-Reply-To: <199906081627.SAA00531@www.invisible.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Tue, 8 Jun 1999, Marc wrote: > In my opinion a secure linux shouldn't be a linux ;-) > If you want to have something secure, you need a secure basic design. > The problem with unix begins with the one and mighty superuser root, goes > over to a missing trusted computing base, labels for data, etc. (yes, some > commercial unixes or add-on products have got these features. We need these > on linux and/or BSD too) > > Then take a look at the kernel. A big thing with features for everything, > and your kernel will panic if one part of it goes wrong. > > What is needed is a good secure basic design. Then rewrite the kernel to > have only one small kern and many modules, where when one modules dies ofr > any reason (eg. tcpip module) everything else is still stable. No root, but > roles and capabilities, labels, etc. etc. > Then the rest of the system should be written and/or ported. mmm.... come to think of it... The NT design started out OK in a certain way, but M$ focussed too much on a microkernel-like design while in the end (well, actually in the beginning) they should have picked a monolithic kernel approach.... Anyhow, such ideas might still stand for secure kernel design: have a small and secure nucleus that communicates with many modules through labels/flags and such. > The result would be an operating system which can run linux and/or bsd > stuff, but is nativly not a real unix. Yep.... But hey, let's make the modular subsystem and nucleas POSIX-complient... Hell, mabe we should opensource MVS and call it Unix :-)) > However, this is very much work. And I think this is something which can > only be done commercially also the result might be (I hope!) open source. > > You could not trust the securelinux distros discussed on this list or openbsd > because it still has got it basic vulnerabilities it struggles to keep close. I agree with Marc, but I am afraid that our mails didn't add much value to the securedistros discussion.... Gr. Arjan ---- Eat hard Sleep hard Wear glasses if you need them - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 11:40:04 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA08759 for securedistros-list; Wed, 9 Jun 1999 11:21:22 +0200 Received: from terra.geo.uu.nl (terra.geo.uu.nl [131.211.29.16]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA08634 for ; Wed, 9 Jun 1999 11:20:33 +0200 Received: from rasmus.uib.no (exim@rasmus.uib.no [129.177.12.30]) by terra.geo.uu.nl (8.9.0/8.9.0/TvZ) with ESMTP id BAA05335 for ; Wed, 9 Jun 1999 01:30:10 +0200 (MET DST) Received: from oppringt-136.ppp.uib.no (st01376) [129.177.138.136] by rasmus.uib.no with smtp (Exim 2.10) id 10rVGi-0003zs-00; Wed, 9 Jun 1999 01:26:56 +0200 Message-ID: <002701beb206$6bcb8340$888ab181@st01376> From: "Per Gustav Ousdal" To: Subject: SV: Secured vs. Security Distros and Wish Lists Date: Wed, 9 Jun 1999 01:24:48 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nl.linux.org id LAA08637 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org >On Tue, 08 Jun 1999, you wrote: [Portscanners, sniffers, pw crackers, etc] >Why _SHOULD_ it not contain these tools. I do not see why it should not maybe >it does not need them to be secure but there is no reason it should not have >these tools. Furthermore there is a lot to be said for using these tools >against your own system to make sure it is secure. Couldn't agree more. I would expect to get these in a secure linux distribution. I consider these valuable tools for securing sites, and so do many others: CERT, CERIAS (Former COAST), ISS etc, etc.. provide links to these tools, some offer them for download, and thus probably recomend that you use such/these tools in order to improve security. A secure/hardend linux distr. would make an awesome platform to build a firewall. It would be foolish not to test your firewall implementation, and I would consider portscanners and security audit tools vital for that (If run regularly this could also help detect tampering with the machine). A firewall should be closely monitored, and one needs to know excatly what traffic goes thru it and not. I'd probably also run a sniffer on a machine in my DMZ, this network ought not to cotain any sensitive packets anyway (at least not in cleartext), running a sniffer would help detect if such packets exist, and could help in detecting an intruder. I consider these tools vital in a secure linux distribution, and in IMHO they belong there. Something I'd like to see included in a secure linux distribution is some good documents on security. Nice if they where linux spesific, and where based on the secure distributions. They should be detailed and "hands on" (I.e. step by step guide on how to configure your system with an emphazis on security, or step by step guide on how to deal with a compromise, spesific examples/suggestions for firewall implementations etc.). Suggestions for more? Regards, Per - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 11:41:04 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA07557 for securedistros-list; Wed, 9 Jun 1999 11:15:58 +0200 Received: from terra.geo.uu.nl (terra.geo.uu.nl [131.211.29.16]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA07388 for ; Wed, 9 Jun 1999 11:14:51 +0200 Received: from fornax.elf.stuba.sk (www@fornax.elf.stuba.sk [147.175.111.112]) by terra.geo.uu.nl (8.9.0/8.9.0/TvZ) with ESMTP id KAA14048 for ; Wed, 9 Jun 1999 10:24:48 +0200 (MET DST) Received: from localhost (www@localhost) by fornax.elf.stuba.sk (8.8.7/8.8.7) with ESMTP id KAA22134 for ; Wed, 9 Jun 1999 10:20:12 +0200 Date: Wed, 9 Jun 1999 10:20:12 +0200 (MEST) From: Milan Pikula - WWW To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <375CB8A3.30CB29AB@cse.ogi.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, 7 Jun 1999, Crispin Cowan wrote: W>Milan Pikula - WWW wrote: W> W>> On Mon, 7 Jun 1999, scooby sir wrote: W>> W>> W>Well, W>> W> If i were to contribute suggestions for a secure distro of linux, W>> W>it would be this: W>> W> i) Ship it with the international linux patch installed W>> W> www.kerneli.org W>> W> ii) Install the non-executable stack patch W>> W>> this is not a real solution.. this is a joke. there are many ways, how to W>> override this protection and this makes me to label it as W>> 'security by obscurity'. W> W>Nonsense. The non-executable stack patch (and StackGuard) prevent attacks against W>specific classes of vulnerabilities. With the protections enabled, these W>vulnerabilities CANNOT be exploited: you have to go find W>DIFFERENT vulnerabilities. For that reason, they are not 'security by obscurity', W>they are legitimate security enhancements. Bonus points: either one of them W>alone can stop a MAJORITY of common security attacks, and together they stop even W>more. i\m sorry but i know what i am talking about. almost any exploit code CAN be rewritten to be usable with non-executable stack patch too. in fact, i've never seen a hole which is unusable with it. consider this program (hole.c): void main(int argc, char * argv[]) { char buffer[16]; strcpy(buffer, argv[1]); } * using normal executable stack, the exploit will look like: [16 bytes of anything][4 anything][4 address of PAD+PADSIZE/2][padding (nops)] [code] and code will run shell. * another solution will be this: [16 bytes of anything][4 anything][4 address of system() in libc][4 anything (return address from system())][4 address of PAD+PADSIZE/2][padding ('/')] [string /bin/sh] with non-executable stack patch from solar designer the first attempt will not work, because the stackis not executable. the second will not work too - libc is mapped from address containing 0, so the address to system() cannot be used. but program used strcpy() from libc, so it contains something called PLT (procedure linkage table) which resides elsewhere in memory and contains jump to the libc routine. there are many address ranges in runing program, which are mapped READ-WRITE-EXEC. We can find such address in our hole.c too - using /proc/pid/maps or objdump.. I'll reffer to one such address; it may be randomly choosen from rwx mapped range (it cannot contain zero byte of course). let's name it addr1. * sol1 [16 bytes of anything][4 anything][4 address of strcpy() in PLT] [4 bytes: ret from strcpy() = addr1][4 "from": address of PAD+PADSIZE/2] [4 "to": addr1][padding (nops)][normal code which will run shell] that will return to strcpy() (via plt - this is usable with solar's patch too), strcpy() will copy the code from stack to the normal executable memory then returns to it. for a working example look at http://fornax.elf.stuba.sk/~www/symlink/Pineapple/Exploit/example3/ bye, Milan Pikula -- Milan Pikula, WWW. Finger me for Geek Code. http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk .. dajte mi pewnu linku a pohnem zemegulow .. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 11:45:27 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA08447 for securedistros-list; Wed, 9 Jun 1999 11:19:30 +0200 Received: from terra.geo.uu.nl (terra.geo.uu.nl [131.211.29.16]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA08245 for ; Wed, 9 Jun 1999 11:18:45 +0200 Received: from alcove.wittsend.com (IDENT:root@alcove.wittsend.com [130.205.0.20]) by terra.geo.uu.nl (8.9.0/8.9.0/TvZ) with ESMTP id EAA07754 for ; Wed, 9 Jun 1999 04:27:22 +0200 (MET DST) Received: (from mhw@localhost) by alcove.wittsend.com (8.9.3/8.9.3) id WAA14231 for securedistros@nl.linux.org; Tue, 8 Jun 1999 22:26:13 -0400 From: "Michael H. Warfield" Message-Id: <199906090226.WAA14231@alcove.wittsend.com> Subject: Re: wish list In-Reply-To: <375CB8A3.30CB29AB@cse.ogi.edu> from Crispin Cowan at "Jun 7, 1999 11:30:59 pm" To: securedistros@nl.linux.org Date: Tue, 8 Jun 1999 22:26:13 -0400 (EDT) X-Mailer: ELM [version 2.4ME+ PL56 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Crispin Cowan enscribed thusly: > Milan Pikula - WWW wrote: > > On Mon, 7 Jun 1999, scooby sir wrote: > > W>Well, > > W> If i were to contribute suggestions for a secure distro of linux, > > W>it would be this: > > W> i) Ship it with the international linux patch installed > > W> www.kerneli.org > > W> ii) Install the non-executable stack patch > > this is not a real solution.. this is a joke. there are many ways, how to > > override this protection and this makes me to label it as > > 'security by obscurity'. > Nonsense. The non-executable stack patch (and StackGuard) prevent attacks against > specific classes of vulnerabilities. With the protections enabled, these > vulnerabilities CANNOT be exploited: you have to go find > DIFFERENT vulnerabilities. For that reason, they are not 'security by obscurity', > they are legitimate security enhancements. Bonus points: either one of them > alone can stop a MAJORITY of common security attacks, and together they stop even > more. I would back this up further... If your system is properly armed with alarms to go off with attempts to exploit these attacks, you have a shot at knowing an attacker is at the door. This is security in depth. Your security layers do not have to be perfect. They need to compliment each other, giving you opportunity to detect attacks in progress and time to react against them. If you were to detect a buffer overflow that fails against the non-executable stack, or fails because of stack guard, and shuts down a firewall to ANY ACCESS, you can evaluate the threat before granting access. DoS attacks are difficult against this and you can make an attackers life miserable trying to pick his way through your mine field. This is NOT security through obscurity! This is security in depth! This turns the tables on the attackers. They now have to be perfect in penetrating each of your shields without detection and avoiding your alarms without detection. All of the standard "tricks" (suitably protected against spoofing attacks) should be honey pots that fire alarms and block attacks. I would also compliment this with the "secure level" plus the "immutable" and "append only" file system attributes. NONE of these are perfect. But they prevent and detect certain classes of attacks. Classes of attacks which most attackers are going to employ as a precurser to an intrusion. Thus the preventative becomes a detection. If we can instill a fear that to use certain "tricks" risks instant detection, we not only protect our own systems, we convey "umbrella" protection against other systems, against which the attacker fear to deploy the simple attacks. In the past, the defender had to be perfect and the attacker only needed ONE successful attack to penetrate the system. With these tools we can turn those tables. The attackers now have to be perfect and avoid these fixes and these traps (without knowing they are there to begin with). They then have to walk the walk without a misstep. One mistake, and we have them. This is not security through obscurity. Only by perfect knowlege can they defeat such a system. That is in contrast to the old way where only by perfect defense could we defeat them... I like this better... > Crispin > ----- > Crispin Cowan, Research Assistant Professor of Computer Science, OGI > NEW: Protect Your Linux Host with StackGuard'd Programs :FREE > http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ > > Microsoft: Putting the "lame" in "layman" Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 15:06:54 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA27912 for securedistros-list; Wed, 9 Jun 1999 15:06:54 +0200 Received: from hiway1.exit109.com (malice@hiway1.exit109.com [208.225.64.3]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id PAA27831 for ; Wed, 9 Jun 1999 15:06:47 +0200 Received: from localhost (malice@localhost) by hiway1.exit109.com (8.9.3/8.7.3) with SMTP id JAA28415 for ; Wed, 9 Jun 1999 09:06:41 -0400 (EDT) Date: Wed, 9 Jun 1999 09:06:41 -0400 (EDT) From: Michael Cunningham To: securedistros@nl.linux.org Subject: Re: SV: Secured vs. Security Distros and Wish Lists In-Reply-To: <002701beb206$6bcb8340$888ab181@st01376> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I think that the distributions should offer a choice of 2 things on install.. 1. Secure workstation: that includes tons of documentation, tools, and is mostly locked down. 2. Secure server: This would be a totally locked down stripped version of the os designed to be exposed to the net without threat. Possible even an extension of this could be a choice of specific Secure Servers.. Like a webserver, firewall, ftp, etc since they all have specific security modifications that are needed based on the type of server they are. Of course both versions should have detailed info on the packages that they install as well as the security ramifications of those packages. This should be information that is accessable during the install. Mike On Wed, 9 Jun 1999, Per Gustav Ousdal wrote: > > >On Tue, 08 Jun 1999, you wrote: > > [Portscanners, sniffers, pw crackers, etc] > >Why _SHOULD_ it not contain these tools. I do not see why it should not maybe > >it does not need them to be secure but there is no reason it should not have > >these tools. Furthermore there is a lot to be said for using these tools > >against your own system to make sure it is secure. > > > Couldn't agree more. I would expect to get these in a secure linux distribution. I consider these valuable tools for securing sites, and so do many others: CERT, CERIAS (Former COAST), ISS etc, etc.. provide links to these tools, some offer them for download, and thus probably recomend that you use such/these tools in order to improve security. > > A secure/hardend linux distr. would make an awesome platform to build a firewall. It would be foolish not to test your firewall implementation, and I would consider portscanners and security audit tools vital for that (If run regularly this could also help detect tampering with the machine). A firewall should be closely monitored, and one needs to know excatly what traffic goes thru it and not. I'd probably also run a sniffer on a machine in my DMZ, this network ought not to cotain any sensitive packets anyway (at least not in cleartext), running a sniffer would help detect if such packets exist, and could help in detecting an intruder. I consider these tools vital in a secure linux distribution, and in IMHO they belong there. > > Something I'd like to see included in a secure linux distribution is some good documents on security. Nice if they where linux spesific, and where based on the secure distributions. They should be detailed and "hands on" (I.e. step by step guide on how to configure your system with an emphazis on security, or step by step guide on how to deal with a compromise, spesific examples/suggestions for firewall implementations etc.). Suggestions for more? > > > Regards, > > Per > > > > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > Mike.. -- Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had. -- Linus Torvalds - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 15:13:36 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA07350 for securedistros-list; Wed, 9 Jun 1999 15:13:36 +0200 Received: from hiway1.exit109.com (malice@hiway1.exit109.com [208.225.64.3]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id PAA07245 for ; Wed, 9 Jun 1999 15:13:17 +0200 Received: from localhost (malice@localhost) by hiway1.exit109.com (8.9.3/8.7.3) with SMTP id JAA29657 for ; Wed, 9 Jun 1999 09:13:12 -0400 (EDT) Date: Wed, 9 Jun 1999 09:13:11 -0400 (EDT) From: Michael Cunningham To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > i\m sorry but i know what i am talking about. almost any exploit code CAN be > rewritten to be usable with non-executable stack patch too. in fact, i've > never seen a hole which is unusable with it. Yes.. of course it is possible and in some cases easy to rewrite an exploit to get beyond this patch.. but it also makes it impossible for script kiddies to use an exploit that hasnt been rewritten. Would you rather that no patches were applied to the kernel? Hell lets just let every exploit work.. If we can eliminate a tons of sploits and a tons of scripts kiddies then I say go for it. Those crackers who write code and know the kernel line by line arent going to be kept out of the system unless you turn off all services totally. But people like this are only 0.1% of the cracker community. If we can guard against 99.9% then I am happy.. Mike.. -- Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had. -- Linus Torvalds - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 16:01:00 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA22304 for securedistros-list; Wed, 9 Jun 1999 16:01:00 +0200 Received: from do.nachtwacht.nl (pino.demon.nl [194.159.226.41]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA21742 for ; Wed, 9 Jun 1999 16:00:45 +0200 Received: from localhost (arjan@localhost) by do.nachtwacht.nl (8.8.7/8.8.7) with ESMTP id PAA00509 for ; Wed, 9 Jun 1999 15:57:01 +0200 Date: Wed, 9 Jun 1999 15:57:01 +0200 (CEST) From: Arjan Vos X-Sender: arjan@do.nachtwacht.nl To: securedistros@nl.linux.org Subject: Re: Be careful... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Tue, 8 Jun 1999, Rik van Riel wrote: > On Tue, 8 Jun 1999, Arjan Vos wrote: > > > ....that not too much goodies are implemented by default. I saw > > several discussions and whish lists fly by about what should be > > included in a secure distro.... I would like to point out that in > > my opinion not too much should be included in the basic distro. > > What should and should not be included in a distribution > is something to be fought out on the mailing lists of the > distributions, not on the multi-distro mailing list. > > I suggest people take this discussion to 'their own' mailing > lists: > kha0s: kha0s-dev@kha0s.org (??) > secure Linux: securelinux@reseau.nl I agree.. But some of the discussions imply otherwise. Anyhow, also following the point Marc Heuse raised, what directions are the different distributions to follow? For example, one of the distros might include differentiation of root-level rights (similar to Autosecure's, but than not as an add-on, but as an design choice) on kernel-level, or maybe it could identify three spaces: - nucleus-space (microkernel-like small set of basic functions such as timer, clock handling, paging, swapping, filesystem, ipc, etc.) - (modular) kernel-space for hardware-dependant facilities (device drivers, networking implementations) - user-space for applications and user-interfacing. (that leaves low-level system-startup actions, trap and fault handling, manipulation of processes run-time context, etc.... Where to put these?) Anyhow, to incorporate secure operations, one needs to think about labels and flags for communications between the spaces..... and with all the other facilities that would require a complete new operating system.... So when we stick with Linux as a basis, where to go with different distributions? Complete audit of sources? Introduction of non-executable stacks, differentation of privileged rights? I am still somewhat confused after reading wish lists... Gr. Arjan ---- Eat hard Sleep hard Wear glasses if you need them - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 16:22:46 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA28509 for securedistros-list; Wed, 9 Jun 1999 16:22:46 +0200 Received: from mail05.rapidsite.net (mail05.rapidsite.net [207.158.192.42]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id QAA28421 for ; Wed, 9 Jun 1999 16:22:37 +0200 Received: from www.carscaddon.com (209.238.84.184) by mail05.rapidsite.net (RS ver 1.0.4) with SMTP id 013794; Wed, 9 Jun 1999 10:22:28 -0400 (EDT) Message-Id: <4.2.0.56.19990609100937.034ee210@techdec.com> X-Sender: ac@carscaddon.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.56 (Beta) Date: Wed, 09 Jun 1999 10:18:05 -0400 To: securedistros@nl.linux.org From: Allan Carscaddon Subject: Re: ideal tripwire environment Cc: daniels@cs.purdue.edu In-Reply-To: <199906081544.KAA18791@lemuria.cs.purdue.edu> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Loop-Detect: 1 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Tom and all: I don't really remember the specifics of tripwire (it has been more than 2 years since I was using it with even passing regularity), but of even greater value (although possibly too difficult, if tripwire's design doesn't allow it) would be the "pre-made" tripwire checksum database included with the distribution. This would allow for someone who suspects problems but who hasn't done the work to get tripwire going (and who does, until after there is a problem?) and check the binaries and other files that are supplied with the distribution and would be untouched in a "standard" installation. This would make detection much easier in these cases. I agree that the version of tripwire supplied with any distribution should be tweaked for the distribution so that it is much easier to get it running. Has anyone ever done any work with the likes of a "remote" tripwire, where a master secured database of workstations is kept on a central server and regular checks are made over the wire for tampering? Allan At 11:44 AM 6/8/99 , Tom Daniels wrote: >The real point here is: > - supply a tripwire database tweaked for the distribution so that > it is much >easier to start using tripwire. > - even if you don't run tripwire in the safest possible mode, it > can still be >immensely useful to figure out what a script kiddie has done to your system. >Besides, most of the attackers I run into, don't even delete tcpwrapper >logs! >Let alone, muck with your tripwire database. > - As someone else pointed out, provide the option of creating a > tripwire >rescue floppy or CD-R. > >While no one will argue that running tripwire off of a hard drive is as safe >as via remote r/o mount (or whatever), it is still MUCH better than not >running it at all. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 19:04:52 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA08882 for securedistros-list; Wed, 9 Jun 1999 19:04:52 +0200 Received: from mailgw1a.lmco.com (mailgw1a.lmco.com [192.31.106.7]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA08749 for ; Wed, 9 Jun 1999 19:04:41 +0200 Received: from emss02g01.ems.lmco.com (emss02g01.ems.lmco.com [198.7.15.39]) by mailgw1a.lmco.com (8.8.8/8.8.8) with ESMTP id LAA30633 for ; Wed, 9 Jun 1999 11:04:31 -0600 (MDT) Received: from CONVERSION-DAEMON by lmco.com (PMDF V5.2-32 #38330) id <0FD200201KREDB@lmco.com> for securedistros@nl.linux.org; Wed, 9 Jun 1999 11:04:31 -0600 (MDT) Received: from wdl1.wdl.lmco.com ([137.249.32.1]) by lmco.com (PMDF V5.2-32 #38330) with ESMTP id <0FD2000DTKRAOJ@lmco.com> for securedistros@nl.linux.org; Wed, 09 Jun 1999 11:04:23 -0600 (MDT) Received: from lmco.com (ird45 [137.249.32.45]) by wdl1.wdl.lmco.com (8.8.8+Sun/8.8.8) with ESMTP id KAA11981 for ; Wed, 09 Jun 1999 10:05:57 -0700 (PDT) Date: Wed, 09 Jun 1999 10:05:57 -0700 From: "George W. Dinolt" Subject: Re: Be careful... To: securedistros@nl.linux.org Message-id: <375E9EF5.54E54E72@lmco.com> Organization: Lockheed Martin Mission Ground Systems MIME-version: 1.0 X-Mailer: Mozilla 4.5 [en] (X11; U; SunOS 5.5.1 sun4m) Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT X-Accept-Language: en References: Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org In -- Regards, George W. Dinolt Trusted System Lab Lockheed Martin M&DS Western Region (George.W.Dinolt@lmco.com, VOICE:(408)473-4150, FAX:(408)473-7131) - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 19:14:53 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA09081 for securedistros-list; Wed, 9 Jun 1999 19:14:53 +0200 Received: from mailgw1a.lmco.com (mailgw1a.lmco.com [192.31.106.7]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA08991 for ; Wed, 9 Jun 1999 19:14:44 +0200 Received: from emss02g01.ems.lmco.com (emss02g01.ems.lmco.com [198.7.15.39]) by mailgw1a.lmco.com (8.8.8/8.8.8) with ESMTP id LAA04373 for ; Wed, 9 Jun 1999 11:14:38 -0600 (MDT) Received: from CONVERSION-DAEMON by lmco.com (PMDF V5.2-32 #38330) id <0FD200501L8E40@lmco.com> for securedistros@nl.linux.org; Wed, 9 Jun 1999 11:14:38 -0600 (MDT) Received: from wdl1.wdl.lmco.com ([137.249.32.1]) by lmco.com (PMDF V5.2-32 #38330) with ESMTP id <0FD2000C0L8COJ@lmco.com> for securedistros@nl.linux.org; Wed, 09 Jun 1999 11:14:36 -0600 (MDT) Received: from lmco.com (ird45 [137.249.32.45]) by wdl1.wdl.lmco.com (8.8.8+Sun/8.8.8) with ESMTP id KAA12018 for ; Wed, 09 Jun 1999 10:16:11 -0700 (PDT) Date: Wed, 09 Jun 1999 10:16:11 -0700 From: "George W. Dinolt" Subject: Re: Be careful... To: securedistros@nl.linux.org Message-id: <375EA15B.6961DC6D@lmco.com> Organization: Lockheed Martin Mission Ground Systems MIME-version: 1.0 X-Mailer: Mozilla 4.5 [en] (X11; U; SunOS 5.5.1 sun4m) Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT X-Accept-Language: en References: Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Arjan Vos wrote: > > On Tue, 8 Jun 1999, Marc wrote: > > > In my opinion a secure linux shouldn't be a linux ;-) > > If you want to have something secure, you need a secure basic design. > > The problem with unix begins with the one and mighty superuser root, goes > > over to a missing trusted computing base, labels for data, etc. (yes, some > > commercial unixes or add-on products have got these features. We need these > > on linux and/or BSD too) > > > > Then take a look at the kernel. A big thing with features for everything, > > and your kernel will panic if one part of it goes wrong. > > > > What is needed is a good secure basic design. Then rewrite the kernel to > > have only one small kern and many modules, where when one modules dies ofr > > any reason (eg. tcpip module) everything else is still stable. No root, but > > roles and capabilities, labels, etc. etc. > > Then the rest of the system should be written and/or ported. > > mmm.... come to think of it... The NT design started out OK in a certain > way, but M$ focussed too much on a microkernel-like design while in the > end (well, actually in the beginning) they should have picked a > monolithic kernel approach.... Anyhow, such ideas might still stand for > secure kernel design: have a small and secure nucleus that communicates > with many modules through labels/flags and such. > > > The result would be an operating system which can run linux and/or bsd > > stuff, but is nativly not a real unix. > > Yep.... But hey, let's make the modular subsystem and nucleas > POSIX-complient... Hell, mabe we should opensource MVS and call it > Unix :-)) > > > However, this is very much work. And I think this is something which can > > only be done commercially also the result might be (I hope!) open source. > > > > You could not trust the securelinux distros discussed on this list or openbsd > > because it still has got it basic vulnerabilities it struggles to keep close. > > I agree with Marc, but I am afraid that our mails didn't add much value to > the securedistros discussion.... > > Gr. Arjan > > ---- > Eat hard > Sleep hard > Wear glasses if you need them > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ (Sorry about empty previous message) In fact a true micro-kernel, secure unix was built in the 1978-1981 time frame by the folk at Ford Aerospace. It was called KSOS (Kernelized Secure Operating System). If I understand what was built correctly, it had no AT&T code in it but it would run binaries compiled on Version 6 Unix. The system supported Multilevel Security, and integrity model and lots of other goodies. Ther kernel fit in a space which included 64KB for code, and 64KB of data. It was built to support a very high degree of assurance that it would not violate the given security policies. For those who are aware of such things, it was the model for the A1 level of assurance described in the "Orange Book". One of the interesting consequences of the verification effort was that once the 3 major portions of the kernel were integrated together the kernel never crashed. The system was fully functional and was used on several government programs. The project was funded by the government. It took about 3 years and about $20M. -- Regards, Trusted Systems Lab George W. Dinolt Lockheed Martin M&DS Western Region (George.W.Dinolt@lmco.com, VOICE:(408)473-4150, FAX:(408)473-7131) Note: these are my opionions. Anyone else or any organization that wants to claim them does so at their own risk.) - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 20:30:08 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id UAA09962 for securedistros-list; Wed, 9 Jun 1999 20:30:08 +0200 Received: from mail (root@[209.88.93.138]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id UAA09228; Wed, 9 Jun 1999 20:29:49 +0200 Received: from proxy_server ([209.88.93.179]) by mail (8.9.0/8.8.4) with SMTP id UAA11360; Wed, 9 Jun 1999 20:36:46 +0200 From: "Thabani Bhebe" To: "Emmanuel Galanos" , "Crispin Cowan" , "Rik van Riel" Cc: "Chris Evans" , , , , , Subject: Re: Ann: common secure linux mailing list Date: Wed, 9 Jun 1999 20:24:29 +0200 Message-ID: <01beb2a5$50306750$b35d58d1@proxy_server.telcovic> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.71.1712.3 X-MimeOLE: Produced By Microsoft MimeOLE V4.71.1712.3 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I need to subscribe so that I keep getting the latest information and updates on the linux software. I have enjoyed reading some staff you have sent to my friend. You can send anything to tbhebe@excite.com or to t.bhebe@telco.co.zw . I look forward to hear from you. Regards Thabani Bhebe - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 21:22:52 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA09045 for securedistros-list; Wed, 9 Jun 1999 21:22:52 +0200 Received: from raven.bu.edu (RAVEN.BU.EDU [128.197.128.31]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id VAA08957 for ; Wed, 9 Jun 1999 21:22:44 +0200 Received: from localhost (jehahn@localhost) by raven.bu.edu ((8.8.8.buoit.v1.0)/8.8.8/(BU-S-10/08/98-v1.0)) with ESMTP id PAA19604 for ; Wed, 9 Jun 1999 15:22:37 -0400 (EDT) Message-Id: <199906091922.PAA19604@raven.bu.edu> To: securedistros@nl.linux.org Subject: ideal tripwire environment In-reply-to: Your message of "Wed, 09 Jun 1999 10:18:05 EDT." <4.2.0.56.19990609100937.034ee210@techdec.com> Date: Wed, 09 Jun 1999 15:22:37 -0400 From: Justin Hahn Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Allan Carscaddon writes: ac> Has anyone ever done any work with the likes of a "remote" tripwire, where ac> a master secured database of workstations is kept on a central server and ac> regular checks are made over the wire for tampering? We use something called "baseline" which does this. I have no idea who makes it, but it's decent software. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 22:36:10 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id WAA14816 for securedistros-list; Wed, 9 Jun 1999 22:36:10 +0200 Received: from blue.xox.pl (p2.a2.core.ids.pl [195.117.3.149]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id WAA14395 for ; Wed, 9 Jun 1999 22:35:50 +0200 From: koJak@ids.pl Received: (qmail 713 invoked by uid 1000); 9 Jun 1999 20:27:51 -0000 Date: Wed, 9 Jun 1999 22:27:51 +0200 To: securedistros@nl.linux.org Subject: Re: Re: wish list Message-ID: <19990609222750.B634@blue> References: <4.2.0.56.19990607101313.00952b00@purgatory.fdf.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: <4.2.0.56.19990607101313.00952b00@purgatory.fdf.net>; from Dustin Marquess on Mon, Jun 07, 1999 at 10:14:52AM -0500 X-True: Szukam pracy Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Mon, Jun 07, 1999 at 10:14:52AM -0500, Dustin Marquess wrote: > I personally believe that a secure Linux distribution will disable > any service that is non-crucial to the box, and then let the admin turn > things on, either manually or via some script. I think the option of > "turning everything on" during install would take advantage of lazy admins > who will turn all of it on by default. I figure if they NEED it on, > they'll take the time to turn it on. Yes, I think the same, but we shouldn't think about lazy or unqualified admins, because if admin is dumb, even the most secure system will be insecure. Secure Linux Distribution should be as safe as it is possible while installation - if the box already have to be connected to the Internet. I it isn't safe at all to turn on services while the system (or the service) is not fully configred (what is impossible in the installation process - to apply all needed patches, and so on). So, most services should be turned off by default. -- :: Zbyszek Sobiecki ::: confidence != secure :::: :: http://kojak.nie.jest.underground.pl/ :::::::: :: tel. +48 (22) 7259724 || koJak@ids.pl :::::::: :: #CODE Team (http://code.innet.pl) && LamePl :: - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 23:39:58 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id XAA08567 for securedistros-list; Wed, 9 Jun 1999 23:39:58 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id XAA08467 for ; Wed, 9 Jun 1999 23:39:50 +0200 Received: from cse.ogi.edu (crispin@groo.cse.ogi.edu [129.95.50.28]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id OAA12424 for ; Wed, 9 Jun 1999 14:39:43 -0700 (PDT) Message-ID: <375EBAE2.ABF57B76@cse.ogi.edu> Date: Wed, 09 Jun 1999 12:05:06 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Milan Pikula - WWW wrote: > i\m sorry but i know what i am talking about. almost any exploit code CAN be > rewritten to be usable with non-executable stack patch too. in fact, i've > never seen a hole which is unusable with it. > > consider this program (hole.c): Cool! Thanks for the examples. I've seen attacks that beat the non-executable stack before, but I thought they were fairly specific to particular pieces of code. Thanks for the demonstration that the problem is general. > void main(int argc, char * argv[]) > { > char buffer[16]; > strcpy(buffer, argv[1]); > } However, it does seem that the attacks you describe will all be detected and stopped by StackGuard. Perhaps now (if he's listening :-) Solar Designer will stop referring to StackGuard as a kludge :-) Evidence: the lsof attack that went around last month beat the non-executable stack, but was stopped by StackGuard. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 23:40:22 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id XAA08708 for securedistros-list; Wed, 9 Jun 1999 23:40:22 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id XAA08610 for ; Wed, 9 Jun 1999 23:40:01 +0200 Received: from cse.ogi.edu (crispin@groo.cse.ogi.edu [129.95.50.28]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id OAA12443; Wed, 9 Jun 1999 14:39:50 -0700 (PDT) Message-ID: <375ED44E.892250BF@cse.ogi.edu> Date: Wed, 09 Jun 1999 13:53:34 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org CC: dtk@all.net Subject: Re: wish list References: <199906090226.WAA14231@alcove.wittsend.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org "Michael H. Warfield" wrote: > Crispin Cowan enscribed thusly: > > Nonsense. The non-executable stack patch (and StackGuard) prevent attacks against > > specific classes of vulnerabilities. With the protections enabled, these > > vulnerabilities CANNOT be exploited: you have to go find > > DIFFERENT vulnerabilities. For that reason, they are not 'security by obscurity', > > they are legitimate security enhancements. Bonus points: either one of them > > alone can stop a MAJORITY of common security attacks, and together they stop even > > more. > > I would back this up further... If your system is properly armed > with alarms to go off with attempts to exploit these attacks, you have a > shot at knowing an attacker is at the door. This is security in depth. ... > All of the standard "tricks" (suitably protected against spoofing > attacks) should be honey pots that fire alarms and block attacks. If you want to take that approach, you should also know about the Deception Toolkit (DTK): http://all.net/dtk.html The Deception Toolkit provides a large number of "honeypot" servers: spoofed servers that look vulnerable, but are not. For instance, it includes a program that pretends to be a sendmail server with the DEBUG vulnerability. If you tickle it just so, it will send you a password file--with bogus passwords in it. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Wed Jun 9 23:47:10 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id XAA19690 for securedistros-list; Wed, 9 Jun 1999 23:47:10 +0200 Received: from alcove.wittsend.com (IDENT:root@alcove.wittsend.com [130.205.0.20]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id XAA19500 for ; Wed, 9 Jun 1999 23:46:59 +0200 Received: (from mhw@localhost) by alcove.wittsend.com (8.9.3/8.9.3) id RAA30746; Wed, 9 Jun 1999 17:46:49 -0400 From: "Michael H. Warfield" Message-Id: <199906092146.RAA30746@alcove.wittsend.com> Subject: Re: wish list In-Reply-To: <375ED44E.892250BF@cse.ogi.edu> from Crispin Cowan at "Jun 9, 1999 01:53:34 pm" To: securedistros@nl.linux.org Date: Wed, 9 Jun 1999 17:46:48 -0400 (EDT) CC: dtk@all.net X-Mailer: ELM [version 2.4ME+ PL56 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Crispin Cowan enscribed thusly: > "Michael H. Warfield" wrote: > > Crispin Cowan enscribed thusly: > > > Nonsense. The non-executable stack patch (and StackGuard) prevent attacks against > > > specific classes of vulnerabilities. With the protections enabled, these > > > vulnerabilities CANNOT be exploited: you have to go find > > > DIFFERENT vulnerabilities. For that reason, they are not 'security by obscurity', > > > they are legitimate security enhancements. Bonus points: either one of them > > > alone can stop a MAJORITY of common security attacks, and together they stop even > > > more. > > I would back this up further... If your system is properly armed > > with alarms to go off with attempts to exploit these attacks, you have a > > shot at knowing an attacker is at the door. This is security in depth. > ... > > All of the standard "tricks" (suitably protected against spoofing > > attacks) should be honey pots that fire alarms and block attacks. > If you want to take that approach, you should also know about the Deception Toolkit > (DTK): http://all.net/dtk.html Oh yeah... I even listed it as a resource reference in my latest security article up on LinuxWorld... :-) That plus Abacus Port Sentry makes for great fun... > The Deception Toolkit provides a large number of "honeypot" servers: spoofed servers > that look vulnerable, but are not. For instance, it includes a program that pretends > to be a sendmail server with the DEBUG vulnerability. If you tickle it just so, it > will send you a password file--with bogus passwords in it. > Crispin > ----- > Crispin Cowan, Research Assistant Professor of Computer Science, OGI > NEW: Protect Your Linux Host with StackGuard'd Programs :FREE > http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ > > Microsoft: Putting the "lame" in "layman" Later! Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 01:48:22 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id BAA13816 for securedistros-list; Thu, 10 Jun 1999 01:48:22 +0200 Received: from hermes.la.csiro.au (hermes.la.csiro.au [152.83.12.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id BAA13753 for ; Thu, 10 Jun 1999 01:48:10 +0200 Received: by hermes.la.csiro.au with Internet Mail Service (5.5.2448.0) id ; Thu, 10 Jun 1999 09:47:18 +1000 Message-ID: From: "Wyatt, Anthony" To: "'securedistros@nl.linux.org'" Subject: RE: Be careful... Date: Thu, 10 Jun 1999 09:47:17 +1000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org > From: George W. Dinolt [mailto:George.W.Dinolt@lmco.com] > > In fact a true micro-kernel, secure unix was built in the 1978-1981 > time frame by the folk at Ford Aerospace. It was called KSOS > (Kernelized Secure Operating System). > For those who are aware of such things, it > was the model for the A1 level of assurance described in the "Orange > Book". > > One of the interesting consequences of the verification effort was > that once the 3 major portions of the kernel were integrated together > the kernel never crashed. The system was fully functional and was used > on several government programs. Thats about 20 years ago, perhaps the details of how it was put together are now available? Does anyone know anything else about this, or where I can find out more about it? Thanks, Anthony Wyatt - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 02:36:35 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA14290 for securedistros-list; Thu, 10 Jun 1999 02:36:35 +0200 Received: from poteidaia.utdallas.edu (poteidaia.utdallas.edu [129.110.10.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id CAA14194 for ; Thu, 10 Jun 1999 02:36:27 +0200 Received: from smtp.utdallas.edu (suburb.utdallas.edu [129.110.16.32]) by poteidaia.utdallas.edu (8.9.1/8.9.1/null-3.5) with ESMTP id TAA01368 for ; Wed, 9 Jun 1999 19:36:17 -0500 (CDT) From: Paul L Schmehl Message-Id: <199906100036.TAA01368@poteidaia.utdallas.edu> Date: Wed, 9 Jun 1999 19:36:20 -0500 To: Subject: RE: Be careful... X-Mailer: i-Planet 2.0 NetMail 2.2.3 MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Here's what I found from a quick web search: This research project "found security flaws and covert channels in 16 of the 34 kernel functions" http://www.csl.sri.com/sri-csl-security/past-projects.html This is a book on Database Security which has a chapter on secure operating systems which addresses KSOS http://www2.elet.polimi.it/section/compeng/db/security/book.html KSOS gets a mention on an old CS final at North Central College in Napierville, Illinois! http://csc.noctrl.edu/f/kwt/590/oldfinal.htm You can find a paper on KSOS in PDF at George Mason University, along with a number of other papers on computer secuirity. http://ise.gmu.edu/~csis/history/ Ford Aerospace, Secure Minicomputer Operating System (KSOS): Executive Summary Phase I: Design, Western Development Labratories Division, Palo Alto, CA 94303 (April 1978) That's all I found. >Date: Thu, 10 Jun 1999 09:47:17 +1000 >> From: George W. Dinolt [mailto:George.W.Dinolt@lmco.com] >> >> In fact a true micro-kernel, secure unix was built in the 1978-1981 >> time frame by the folk at Ford Aerospace. It was called KSOS >> (Kernelized Secure Operating System). [snip] > >Does anyone know anything else about this, or where I can find out more >about it? > >Thanks, >Anthony Wyatt - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 10:33:22 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id KAA22074 for securedistros-list; Thu, 10 Jun 1999 10:33:22 +0200 Received: from fornax.elf.stuba.sk (www@fornax.elf.stuba.sk [147.175.111.112]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id KAA22015 for ; Thu, 10 Jun 1999 10:33:11 +0200 Received: from localhost (www@localhost) by fornax.elf.stuba.sk (8.8.7/8.8.7) with ESMTP id KAA05480 for ; Thu, 10 Jun 1999 10:31:21 +0200 Date: Thu, 10 Jun 1999 10:31:21 +0200 (MEST) From: Milan Pikula - WWW To: securedistros@nl.linux.org Subject: Re: wish list In-Reply-To: <375EBAE2.ABF57B76@cse.ogi.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Wed, 9 Jun 1999, Crispin Cowan wrote: W>However, it does seem that the attacks you describe will all be detected and stopped by W>StackGuard. Perhaps now (if he's listening :-) Solar Designer will stop referring to W>StackGuard as a kludge :-) yes, StackGuard seems like a great thing, which have to be included in any secure distribution. Unlike the non-executable stack patch (which is IMHO fine because the stack have no reason to be executable, but is not fine when presented as a security cure) this one really solves the problem. The only disadvantage is a non-standard stack frame, which may cause problems in some cases (sorry if I got it wrong). It will be nice to see it working with medusa, which is designed to catch the _unknown_ attacks. Someone said here something about 'shutting down the firewall'. Do StackGuard have some possibility to start an active defense? bye, Milan -- Milan Pikula, WWW. Finger me for Geek Code. http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk .. dajte mi pewnu linku a pohnem zemegulow .. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 15:36:35 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA21975 for securedistros-list; Thu, 10 Jun 1999 15:36:35 +0200 Received: from poteidaia.utdallas.edu (poteidaia.utdallas.edu [129.110.10.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id PAA21879 for ; Thu, 10 Jun 1999 15:36:26 +0200 Received: from utdallas.edu (rna82006.utdallas.edu [129.110.82.6]) by poteidaia.utdallas.edu (8.9.1/8.9.1/null-3.5) with ESMTP id IAA03490 for ; Thu, 10 Jun 1999 08:36:20 -0500 (CDT) Message-ID: <375FBF83.ABA04EC5@utdallas.edu> Date: Thu, 10 Jun 1999 08:37:07 -0500 From: Dale Massey X-Mailer: Mozilla 4.51 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: Be careful... References: <199906100036.TAA01368@poteidaia.utdallas.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I didn't know you where on this list.:) Paul L Schmehl wrote: > > Here's what I found from a quick web search: > > This research project "found security flaws and covert > channels in 16 of the 34 kernel functions" > http://www.csl.sri.com/sri-csl-security/past-projects.html > > This is a book on Database Security which has a chapter on > secure operating systems which addresses KSOS > http://www2.elet.polimi.it/section/compeng/db/security/book.html > > KSOS gets a mention on an old CS final at North Central College > in Napierville, Illinois! > http://csc.noctrl.edu/f/kwt/590/oldfinal.htm > > You can find a paper on KSOS in PDF at George Mason University, > along with a number of other papers on computer secuirity. > http://ise.gmu.edu/~csis/history/ > Ford Aerospace, Secure Minicomputer Operating System (KSOS): > Executive Summary Phase I: Design, Western Development > Labratories Division, Palo Alto, CA 94303 (April 1978) > > That's all I found. > > >Date: Thu, 10 Jun 1999 09:47:17 +1000 > >> From: George W. Dinolt [mailto:George.W.Dinolt@lmco.com] > >> > >> In fact a true micro-kernel, secure unix was built in the 1978-1981 > >> time frame by the folk at Ford Aerospace. It was called KSOS > >> (Kernelized Secure Operating System). > [snip] > > > >Does anyone know anything else about this, or where I can find out more > >about it? > > > >Thanks, > >Anthony Wyatt > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 15:55:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id PAA21466 for securedistros-list; Thu, 10 Jun 1999 15:55:45 +0200 Received: from poteidaia.utdallas.edu (poteidaia.utdallas.edu [129.110.10.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id PAA21366 for ; Thu, 10 Jun 1999 15:55:38 +0200 Received: from utdallas.edu (rna82006.utdallas.edu [129.110.82.6]) by poteidaia.utdallas.edu (8.9.1/8.9.1/null-3.5) with ESMTP id IAA04894 for ; Thu, 10 Jun 1999 08:55:32 -0500 (CDT) Message-ID: <375FC403.2B20583B@utdallas.edu> Date: Thu, 10 Jun 1999 08:56:19 -0500 From: Dale Massey X-Mailer: Mozilla 4.51 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: Be careful... References: <199906100036.TAA01368@poteidaia.utdallas.edu> <375FBF83.ABA04EC5@utdallas.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Sorry guys didn't mean to send that to the list. Was going to fast. Dale Massey wrote: > > I didn't know you where on this list.:) > > Paul L Schmehl wrote: > > > > Here's what I found from a quick web search: > > > > This research project "found security flaws and covert > > channels in 16 of the 34 kernel functions" > > http://www.csl.sri.com/sri-csl-security/past-projects.html > > > > This is a book on Database Security which has a chapter on > > secure operating systems which addresses KSOS > > http://www2.elet.polimi.it/section/compeng/db/security/book.html > > > > KSOS gets a mention on an old CS final at North Central College > > in Napierville, Illinois! > > http://csc.noctrl.edu/f/kwt/590/oldfinal.htm > > > > You can find a paper on KSOS in PDF at George Mason University, > > along with a number of other papers on computer secuirity. > > http://ise.gmu.edu/~csis/history/ > > Ford Aerospace, Secure Minicomputer Operating System (KSOS): > > Executive Summary Phase I: Design, Western Development > > Labratories Division, Palo Alto, CA 94303 (April 1978) > > > > That's all I found. > > > > >Date: Thu, 10 Jun 1999 09:47:17 +1000 > > >> From: George W. Dinolt [mailto:George.W.Dinolt@lmco.com] > > >> > > >> In fact a true micro-kernel, secure unix was built in the 1978-1981 > > >> time frame by the folk at Ford Aerospace. It was called KSOS > > >> (Kernelized Secure Operating System). > > [snip] > > > > > >Does anyone know anything else about this, or where I can find out more > > >about it? > > > > > >Thanks, > > >Anthony Wyatt > > > > - > > Securedistros: A common list for all secured Linux distributions > > Archive: http://humbolt.nl.linux.org/lists/ > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 17:55:35 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA19799 for securedistros-list; Thu, 10 Jun 1999 17:55:35 +0200 Received: from poteidaia.utdallas.edu (poteidaia.utdallas.edu [129.110.10.1]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id RAA19641 for ; Thu, 10 Jun 1999 17:55:26 +0200 Received: from pc2738.utdallas.edu (pc2738.utdallas.edu [129.110.27.38]) by poteidaia.utdallas.edu (8.9.1/8.9.1/null-3.5) with ESMTP id KAA16339 for ; Thu, 10 Jun 1999 10:55:20 -0500 (CDT) Date: Thu, 10 Jun 1999 10:53:42 -0500 From: Paul L Schmehl To: securedistros@nl.linux.org Subject: Re: Be careful... Message-ID: <1299086363.929012022@pc2738.utdallas.edu> In-Reply-To: <375FBF83.ABA04EC5@utdallas.edu> Originator-Info: login-id=pauls; server=inbox-p.utdallas.edu X-Mailer: Mulberry (Win32) [1.4.2, s/n S-398085] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org You never know where I might pop up. --On 6/10/99, 8:37 AM -0500 Dale Massey wrote: > I didn't know you where on this list.:) > > Paul L Schmehl wrote: >> >> Here's what I found from a quick web search: >> >> This research project "found security flaws and covert >> channels in 16 of the 34 kernel functions" >> http://www.csl.sri.com/sri-csl-security/past-projects.html >> >> This is a book on Database Security which has a chapter on >> secure operating systems which addresses KSOS >> http://www2.elet.polimi.it/section/compeng/db/security/book.html >> >> KSOS gets a mention on an old CS final at North Central College >> in Napierville, Illinois! >> http://csc.noctrl.edu/f/kwt/590/oldfinal.htm >> >> You can find a paper on KSOS in PDF at George Mason University, >> along with a number of other papers on computer secuirity. >> http://ise.gmu.edu/~csis/history/ >> Ford Aerospace, Secure Minicomputer Operating System (KSOS): >> Executive Summary Phase I: Design, Western Development >> Labratories Division, Palo Alto, CA 94303 (April 1978) >> >> That's all I found. >> >> > Date: Thu, 10 Jun 1999 09:47:17 +1000 >> >> From: George W. Dinolt [mailto:George.W.Dinolt@lmco.com] >> >> >> >> In fact a true micro-kernel, secure unix was built in the 1978-1981 >> >> time frame by the folk at Ford Aerospace. It was called KSOS >> >> (Kernelized Secure Operating System). >> [snip] >> > >> > Does anyone know anything else about this, or where I can find out more >> > about it? >> > >> > Thanks, >> > Anthony Wyatt >> >> - >> Securedistros: A common list for all secured Linux distributions >> Archive: http://humbolt.nl.linux.org/lists/ > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ Paul L. Schmehl, pauls@utdallas.edu Technical Support Services Manager The University of Texas at Dallas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 19:28:55 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA07778 for securedistros-list; Thu, 10 Jun 1999 19:28:55 +0200 Received: from church.cse.ogi.edu (root@cse.ogi.edu [129.95.20.2]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id TAA07725 for ; Thu, 10 Jun 1999 19:28:46 +0200 Received: from cse.ogi.edu (crispin@groo.cse.ogi.edu [129.95.50.28]) by church.cse.ogi.edu (8.8.6/8.8.6) with ESMTP id KAA19701; Thu, 10 Jun 1999 10:28:39 -0700 (PDT) Message-ID: <375FF556.92841B18@cse.ogi.edu> Date: Thu, 10 Jun 1999 10:26:46 -0700 From: Crispin Cowan Organization: Oregon Graduate Institute X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: wish list References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Milan Pikula - WWW wrote: > yes, StackGuard seems like a great thing, which have to be included in > any secure distribution. Unlike the non-executable stack patch (which is > IMHO fine because the stack have no reason to be executable, but is not > fine when presented as a security cure) this one really solves the problem. > The only disadvantage is a non-standard stack frame, which may cause > problems in some cases (sorry if I got it wrong). Yes, StackGuard can cause compatibility problems, but is generally pretty clean. We used StackGuard to do a complete re-build of all the C programs that come with Red Hat 5.1, you can get it here: http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Known problems found in 5.1: * gdb cannot debug StackGuarded programs, because gdb thinks it knows what a stack frame looks like. We produced an experimental gdb that knows about StackGuard, but we could not figure out how to *detect* StackGuard frames so that gdb could work with mixed code (some StackGuarded, some not). * StackGuarded ld.so causes problems with some binary-only legacy programs that use libc5 (Netscape, Star Office, WABI, and Adobe Acroread). Replacing it with the stock ld.so solves the problem, but because it is only manifested by binary-only programs, we didn't try to debug it. We're trying to do RH 5.2, but it's giving us problems. Somewhere inside the convoluted build routine for glibc is some arcane code that seems to make assumptions about the format of a stack frame. So far we've spent 6 weeks trying to hunt it down. > It will be nice to see it working with medusa, which is designed to catch > the _unknown_ attacks. What's "medusa"? StackGuard was also designed primarily to catch unknown attacks, within a certain class of vulnerabilities. What does medusa do? > Someone said here something about 'shutting down the firewall'. Do > StackGuard have some possibility to start an active defense? StackGuard sounds the alarm by syslog'ing the smash attempt. Several StackGuard users have combined this with swatch (syslog watch) to program certain actions when StackGuard alerts are seen. We have a paper in submission that describes a general framework for programming multiple defense postures depending on observed attacks. Crispin ----- Crispin Cowan, Research Assistant Professor of Computer Science, OGI NEW: Protect Your Linux Host with StackGuard'd Programs :FREE http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ Microsoft: Putting the "lame" in "layman" - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 10 23:49:00 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id XAA23408 for securedistros-list; Thu, 10 Jun 1999 23:49:00 +0200 Received: from finch-post-12.mail.demon.net (finch-post-12.mail.demon.net [194.217.242.41]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id XAA23264 for ; Thu, 10 Jun 1999 23:48:52 +0200 From: nickb@cedarmist.demon.co.uk Received: from cedarmist.demon.co.uk ([194.222.166.252]) by finch-post-12.mail.demon.net with esmtp (Exim 2.12 #1) id 10sCgb-000Inn-0C for securedistros@nl.linux.org; Thu, 10 Jun 1999 21:48:36 +0000 Received: (from nickb@localhost) by cedarmist.demon.co.uk (8.9.2/8.9.0) id WAA00691; Thu, 10 Jun 1999 22:44:31 +0100 (BST) Message-Id: <199906102144.WAA00691@cedarmist.demon.co.uk> Subject: Re: ideal tripwire environment To: securedistros@nl.linux.org Date: Thu, 10 Jun 1999 22:44:31 +0100 (BST) In-Reply-To: <4.2.0.56.19990609100937.034ee210@techdec.com> from "Allan Carscaddon" at Jun 9, 99 10:18:05 am Content-Type: text Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Allan Carscaddon previously said: > > > Has anyone ever done any work with the likes of a "remote" tripwire, where > a master secured database of workstations is kept on a central server and > regular checks are made over the wire for tampering? > > Allan > I was thinking about this not too long ago and almost immediately began wondering how you could assure yourself that the remote client was the one you thought and not one that had been substituted. Preferably by code contained in the client. The answer is still beyond me, so if anyone has any ideas (or better still a working example) please enlighten me. nickb - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 00:51:49 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA17500 for securedistros-list; Fri, 11 Jun 1999 00:51:49 +0200 Received: from oto.gate.net (fooz@oto.gate.net [199.227.254.133]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id AAA17497 for ; Fri, 11 Jun 1999 00:51:41 +0200 Received: (from fooz@localhost) by oto.gate.net (8.9.3/8.9.0.Beta3) id SAA25510 for securedistros@nl.linux.org; Thu, 10 Jun 1999 18:51:35 -0400 Date: Thu, 10 Jun 1999 18:51:35 -0400 From: Illuminatus Primus To: securedistros@nl.linux.org Subject: Re: ideal tripwire environment Message-ID: <19990610185134.L953@oto.valueweb.net> References: <4.2.0.56.19990609100937.034ee210@techdec.com> <199906102144.WAA00691@cedarmist.demon.co.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: <199906102144.WAA00691@cedarmist.demon.co.uk>; from nickb@cedarmist.demon.co.uk on Thu, Jun 10, 1999 at 10:44:31PM +0100 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Anyone who thinks a compromised kernel without properly implemented securelevels can be relied upon is smoking some serious crack. You should hard reset a machine and boot off a floppy to be sure that the kernel, the libraries, and whatever else influences the behavior of your system is not contaminating the environment of tripwire. It's very easy to write a kernel module that allows one image of a file to be presented for reading (ie. checking with tripwire), and an entirely different version to be used during execute-time. On a related note, much hardware now has the ability to have its microcode rewritten. This gives the scary possibility that a compromised machine can't be trusted all the way down to the hardware level. +----[ On Thu, Jun 10, at 10:44PM(+0100), nickb@cedarmist.demon.co.uk wrote: ]-------------- | Allan Carscaddon previously said: | > | > | > Has anyone ever done any work with the likes of a "remote" tripwire, where | > a master secured database of workstations is kept on a central server and | > regular checks are made over the wire for tampering? | > | > Allan | > | | I was thinking about this not too long ago and almost immediately began | wondering how you could assure yourself that the remote client was the | one you thought and not one that had been substituted. Preferably by | code contained in the client. | | The answer is still beyond me, so if anyone has any ideas (or better | still a working example) please enlighten me. | | | nickb | - | Securedistros: A common list for all secured Linux distributions | Archive: http://humbolt.nl.linux.org/lists/ +----[ End Quote ]--------------------------- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 02:51:50 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id CAA06980 for securedistros-list; Fri, 11 Jun 1999 02:51:50 +0200 Received: from zor.hut.fi (zor.hut.fi [130.233.242.65]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id CAA06899 for ; Fri, 11 Jun 1999 02:51:42 +0200 Received: from localhost (waste@localhost) by zor.hut.fi (8.9.1/8.9.1) with ESMTP id DAA30268 for ; Fri, 11 Jun 1999 03:53:13 +0300 Date: Fri, 11 Jun 1999 03:53:13 +0300 (EEST) From: Toxic Waste To: securedistros@nl.linux.org Subject: Re: ideal tripwire environment In-Reply-To: <19990610185134.L953@oto.valueweb.net> Message-ID: X-URL: http://jya.com/usa-rfa.htm X-URL: http://www.iptvreports.mcmail.com/ic2kreport.htm X-no-archive: Yes MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Thu, 10 Jun 1999, Illuminatus Primus wrote: > Anyone who thinks a compromised kernel without properly implemented > securelevels can be relied upon is smoking some serious crack. > > You should hard reset a machine and boot off a floppy to be sure that > the kernel, the libraries, and whatever else influences the behavior > of your system is not contaminating the environment of tripwire. > > It's very easy to write a kernel module that allows one image of a > file to be presented for reading (ie. checking with tripwire), and an > entirely different version to be used during execute-time. > > On a related note, much hardware now has the ability to have its > microcode rewritten. This gives the scary possibility that a > compromised machine can't be trusted all the way down to the hardware > level. Including some of the processor microcodes. Can checksums be calculated of the microcodes? Or can they be read at all? Can the "read-results" be trusted to be what is actually run in there? Can a processor be programmed to lie of it's microcode? > +----[ On Thu, Jun 10, at 10:44PM(+0100), nickb@cedarmist.demon.co.uk wrote: ]-------------- > | Allan Carscaddon previously said: > | > > | > > | > Has anyone ever done any work with the likes of a "remote" tripwire, where > | > a master secured database of workstations is kept on a central server and > | > regular checks are made over the wire for tampering? > | > > | > Allan > | > > | > | I was thinking about this not too long ago and almost immediately began > | wondering how you could assure yourself that the remote client was the > | one you thought and not one that had been substituted. Preferably by > | code contained in the client. > | > | The answer is still beyond me, so if anyone has any ideas (or better > | still a working example) please enlighten me. Assuming nearly infinite resources for the opponent, I think it is pretty much impossible. But takin over a system could perhaps be made costly and difficult. I think an increasingly vigilant sentinel system is necessary that will alert you if a significant chance to affect system security has occurred. E.g. enough time has lapsed that the system can not account for. Constant checksum calculation and verification of code that is run. Only "verified to be authentic" code is run. All code is encrypted. Mounted read-only and decrypted only to be run, and before that checksummed and verified. Multiple encryption levels, e.g. checksums are encrypted on a read-only & unmounted system, etc. If kernel is rebooted, key is lost. All out-going communications should fit a profile to eliminate security faults from giving any information. Runtime-usage book-keeping would also be necessary. Continuously measuring system response time to be what it should be and the checksums to correspond. Keeping check on things continuously and regularly. Giving no time or chance for the hostiles to take over. Changes in response times are about the only differences you would likely detect to the original untampered system, assuming the hardware is the same, if your connection were taken over. Systems having the keys to decrypt the programs to verify, should not be available unencrypted. I don't know how small the response time differences would be.. And you would be very dependant on HW performance quirks. You'd likely have to use long term time averages. Or, if a task/process takes too long to run and it's profile (memory consumption, etc) does not fit a profile, system security may be considered compromised. (I don't really know what the hell I'm talking about.) But I do know that the only way to be sure of a remote system's security, is to keep in constant and continuous contact with it. Have it tell you "I'm ok" every moment (in real time). If the messages stop coming for a too long a time (in real time) or whose content can't be accounted for ("delayed" messages are not acceptable), it's security may have been compromised. All communications should of course be encrypted & signed & be indentifiably serial/continuous in nature. How long a time you consider to be cause for an alarm of compromise, is determined by what you assume of the resources of the possible attacker. Could be very small if the system is all Open Source. Might perhaps be made longer with pervasive encryption, but the system might also become impractical... And all this might be futile. But anyway, the only answer to the authenticity verification question is: keep in touch with the system. Have it "tell" you it's ok. Have every part in the system continuously "tell" you that they're ok. Measure response times. And if verification takes too long at any one time... That should do it. I should go get some sleep... I blurt stuff like this when too tired. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 11:13:43 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA23020 for securedistros-list; Fri, 11 Jun 1999 11:13:43 +0200 Received: from mx.nkm.lt (qmailr@nkm.tdd.lt [193.219.211.9]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id LAA23017 for ; Fri, 11 Jun 1999 11:13:33 +0200 Received: (qmail 17045 invoked from network); 11 Jun 1999 09:13:25 -0000 Received: from nkm.tdd.lt (HELO mx.nkm.lt) (midom@193.219.211.9) by nkm.tdd.lt with SMTP; 11 Jun 1999 09:13:25 -0000 Date: Fri, 11 Jun 1999 11:13:25 +0200 (CEST) From: Domas Mituzas X-Sender: midom@mx.nkm.lt To: securedistros@nl.linux.org Subject: capabilized linux Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hello ALL. This message is intended for all those, who are checking their suid files every time. And for those, who do not imagine unix or linux system without suid programs. Here is a sample of ping. A program, that has to be suid root in order to listen on a raw device. so - let's look at it: [midom@flag midom]$ ls -l /bin/ping ---x--x--x 1 root root 14804 Apr 7 23:21 /bin/ping it shouldn't work normaly... but it works: [midom@flag midom]$ ping www.taide.lt PING taidint.taide.lt (193.219.195.135): 56 data bytes 64 bytes from 193.219.195.135: icmp_seq=0 ttl=251 time=19.6 ms 64 bytes from 193.219.195.135: icmp_seq=1 ttl=251 time=79.8 ms --- taidint.taide.lt ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 19.6/49.7/79.8 ms it really works! why is it so? maybe we should check right here: [midom@flag midom]$ /sbin/getcap /bin/ping Capabilities for `/bin/ping': = cap_net_raw+eip ahh... ye... here we have capabilities for ping, that let for this program to listen to raw devices... Of course it can cause security problems (setting such capabilities on sniffers so they can do their work while running as ordinary user..., but in order to check for sniffers it's better to look which processes are using raw device and/or promiscous mode :-) Nevertheless that can be future of a secure linux distro... I'll try learning more C in order to add my 1/2pence to linux security :) more information about it: @ ftp://linux.kernel.org/pub/linux/libs/security/* :-) With respect, Domas Mituzas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 11:22:43 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id LAA27494 for securedistros-list; Fri, 11 Jun 1999 11:22:43 +0200 Received: from fornax.elf.stuba.sk (www@fornax.elf.stuba.sk [147.175.111.112]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA27487 for ; Fri, 11 Jun 1999 11:22:34 +0200 Received: from localhost (www@localhost) by fornax.elf.stuba.sk (8.8.7/8.8.7) with ESMTP id LAA16445 for ; Fri, 11 Jun 1999 11:20:48 +0200 Date: Fri, 11 Jun 1999 11:20:48 +0200 (MEST) From: Milan Pikula - WWW To: securedistros@nl.linux.org Subject: Medusa (long) Was: Re: wish list In-Reply-To: <375FF556.92841B18@cse.ogi.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Thu, 10 Jun 1999, Crispin Cowan wrote: W> * gdb cannot debug StackGuarded programs, because gdb thinks it knows what a stack frame W> looks like. We produced an experimental gdb that knows about StackGuard, but we could W> not figure out how to *detect* StackGuard frames so that gdb could work with mixed code W> (some StackGuarded, some not). W> * StackGuarded ld.so causes problems with some binary-only legacy programs that use libc5 W> (Netscape, Star Office, WABI, and Adobe Acroread). Replacing it with the stock ld.so W> solves the problem, but because it is only manifested by binary-only programs, we W> didn't try to debug it. :) i have an idea how to fix all problems at once: 1. let ld.so be clean version of dynamic linker; make another one compiled with StackGuard; name it /lib/ld-linux-stackguard.so.N 2. when compiling programs with StackGuard enabled, use --dynamic-linker /lib/ld-linux-stackguard.so.N (this can be stored in /usr/lib/gcc-lib/.../specs too.. 3. instruct gdb to look at dynamic linker. W>What's "medusa"? StackGuard was also designed primarily to catch unknown attacks, within a W>certain class of vulnerabilities. What does medusa do? it's designed to catch absolutly unknown attacks. few years ago some local group of crackers attacked our server. we made some changes to the kernel, which decreased the rights of root. it was something like today's 'capabilities' and we wanted to make sure, that if someone gains root access, he will not harm us. it had some nice things, like luid (another thing which appeared in linux later), auditing and if someone with uid 0 made something bad (rm /bin/login), it switched full auditing to that process and all processes by luid tree and changed actual process's (possibly rm) uid and parents uid (roots shell) to 32000=hacker. when you gained access and made mistake, your root shell was gone. you had to exit it and start exploit again. and that second attempt was logged. that was nice.. but we didn't understand the system completly, so there were some great security problems (strings -a /proc/kcore to find passwords..) also we missed the portability - there were too many changes in kernel, so we had no way how to upgrade it.. after another attempt, which contained some changes to the filesystem and was very hard to maintain, we stopped and talked about third version of changes for a year. then we coded something and medusa was born. primary idea of changes is, that the process have no other way to interact with the universe, than a system calls. so we have to trace system calls. iopl() and ioperm() are system calls too, so there is no way to bypass them via direct I/O. we wanted as low number of kernel changes as possible. sending information about all system calls to the user-space and waiting for response will be extremly slow, so we must be able to TRACE only selected SYSCALLS of selected processes. also, if we'll DIVIDE PROCESSES to the different groups, we can let them run without this interaction. the primary goal of all protections is not to catch the bad guy, but to protect the data. So our next target was the FILESYSTEM. Kernel have to ask a user-space daemon, what to do, if the (insecure) process tries to do something. medusa can: * separate processes and files into different "virtual subsystems" * trace/disable any filesystem action (rename, unlink, ...) * trace/disable any 'process' action (signals, fork, exec...) * trace/disable any system call any action can be enabled by daemon, so the kernel will not ask for the next time. to make user-space daemon really configurable, we implemented simple c-like programming language in it. It's pre-compiled at the startup of daemon in order to increase interpretation speed. this language defines the virtual subsystems for processes and files, subroutines which are run when some process performs the traced action and so. short example can be: /* when the i-node for "/bin" is created in VFS * it's sent ONCE for a lifetime of VS entry (which is cached in kernel * infinitly if there is enough RAM) */ for set "/bin" vs = 0b0000000000000011; /* set this virt. subsystem mask */ /* recursive rule, which will be stored in kernel and applied to all * files or directories under "/bin". it's send ONCE from the daemon to the * kernel. */ recursive for set "/bin" vs = 0b0000000000000001; recursive for set "/" vs = 0b0000000000000111; /*************************************************************/ /* 'for' actions are generated by 'filesystem' actions */ for unlink "/etc/passwd" { answer = MED_NOT; /* disable it */ log "Medusa: attempt to delete /etc/passwd by " uid " aka " luid "." } for exec "/usr/bin/sendmail" { vs &= 0b111111111111100; mvs &= 0b111111111111100; wvs &= 0b111111111111100; log "Medusa: process sendmail with pid " pid " was started." } /* 'on' commands are generated by 'process' actions and syscalls. */ on exec { /* this is called twice: before and after exec. */ if (action == 0) /* before */ vs = 0b0000000000000111; } purpose of the example above: /etc/passwd cannot be deleted (kernel asks daemon and daemon will disable it). sendmail cannot access /bin/anything, because it is not in the right virtual subsystems. (there is no communication between kernel and daemon) this was only osmething i wrote right now and have no special importance. for a more usefull example see SampleConfs directory in medusa package. it can be found somewhere at http://fornax.elf.stuba.sk/medusa -- Milan Pikula, WWW. Finger me for Geek Code. http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk .. dajte mi pewnu linku a pohnem zemegulow .. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 16:52:49 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id QAA07820 for securedistros-list; Fri, 11 Jun 1999 16:52:49 +0200 Received: from post.gateone.com (qmailr@[204.244.205.25]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id IAA07816 for ; Fri, 11 Jun 1999 08:52:40 -0600 Received: (qmail 26878 invoked from network); 11 Jun 1999 14:52:28 -0000 Received: from office.wizard.ca (HELO wizard.ca) (204.244.205.12) by mail.gateone.com with SMTP; 11 Jun 1999 14:52:28 -0000 Message-ID: <376126A6.89C22A94@wizard.ca> Date: Fri, 11 Jun 1999 08:09:26 -0700 From: The Web Administrator Organization: Wizard Internet Services X-Mailer: Mozilla 4.08 [en] (Win95; I) MIME-Version: 1.0 To: "securedistros@nl.linux.org" Subject: Dividing this task in two - suggestion Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org I notice that we have two distinct issues in looking for a secure Linux Distro, and we tend to focus on the inner workings side of code/kernel etc included, but the fact still exists that the majority of exploits are known exploits, encountered on servers that are run by small administrators that don't have the ability or time to keep up with the security implications, or that tend to install software that isn't required for their particular need. The first thing I end up doing while performing a security review on a server, is shutting down the many needless daemons running. Also, when we start getting 100's of configuration scripts, we get more chances to 'forget' to button them up. I suggest that the secure distro team be broken up into 2, one team to specify what kind of an out of the box implementation they NEED vs WANT vs OPENS DOOR/POWER, and ask also make it as SIMPLE to maintain, setup, and configure as possible, to minimum the amount of chances of someone making a mistake. In my mind I see the /etc directory becoming minimal, but with everyone knowing that only these files ever need to be modified, and that all the other files, if left untouched, do not run the risk of security implications.. I prefer the slackware concept of less configuration options in the rc.d directory, ie one file to maintain vs many scripts. I would like to see a server installation that starts with a default of completely secure, then allows the system administrator to start adding packages, with the implications of adding them clearly spelled out during installation. ie (x) Secure Server - no remote access allowed, with only root and one admin user installed, no services, no tools, no source, no make etc.. ( ) Web Server Binaries - we include everything we need to run ONLY a web server ( ) mod-perl ( ) DBI ( ) PHP ( ) SSL ( ) FTP Server - (I like proftd) ( ) SSH - for remote access ( ) Mail Server - Too bad about the licensing for qmail ( ) more daemons here.. ( ) installation tools, ie sources, gcc, make, perl etc... ( ) Monitoring Tools, (mrtg/ip-acct, log-trackers, quota support etc..) ( ) xServer stuff - (Hey, although I thik it is crazy on a server, easy of admin might suggest this for the semi-skilled adminstrators) Point is, why does a web server need printing capability?? Why worry about hosts.allow if you only administer it locally? Most distros install by default all the configuration files and tools to make linux so powerful, but generally they are never needed.. I can't beleive how many people are running web servers with NFS enabled, and never ever use it.. Then after this basic framework is decided on, then pass it on to team 2 who can look at the various security implications of the code that is running on the machine. -- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Michael - System Administrator Working in Cheap Canadian Dollars Unix Administration - WebSite Hosting - Network Services - Programming Wizard Internet Services - TechnoWizard Computers - Wizard Tower TechnoServices ------------------------------------------------------------------------------ (604) 589-0037 Beautiful British Columbia, Canada ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 18:06:06 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA10441 for securedistros-list; Fri, 11 Jun 1999 18:06:06 +0200 Received: from neon.transmeta.com (neon-best.transmeta.com [206.184.214.10]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id KAA10422 for ; Fri, 11 Jun 1999 10:05:55 -0600 Received: from deepthought.transmeta.com (mailhost.transmeta.com [10.1.1.15]) by neon.transmeta.com (8.9.1/8.9.1) with ESMTP id JAA09943 for ; Fri, 11 Jun 1999 09:05:45 -0700 Received: from transmeta.com (morgan@blighty.transmeta.com [10.1.27.37]) by deepthought.transmeta.com (8.8.8+spamcan/8.8.5) with ESMTP id JAA19029 for ; Fri, 11 Jun 1999 09:05:43 -0700 (PDT) Message-ID: <376133D7.58BAE565@transmeta.com> Date: Fri, 11 Jun 1999 09:05:43 -0700 From: Andrew Morgan Organization: Transmeta Corporation X-Mailer: Mozilla 4.05 [en] (X11; U; Linux 2.2.5 i686) MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: capabilized linux References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Domas Mituzas wrote: > > Hello ALL. > This message is intended for all those, who are checking their suid files > every time. And for those, who do not imagine unix or linux system without > suid programs. Here is a sample of ping. A program, that has to be suid > root in order to listen on a raw device. so - let's look at it: > > [midom@flag midom]$ ls -l /bin/ping > ---x--x--x 1 root root 14804 Apr 7 23:21 /bin/ping > > it shouldn't work normaly... but it works: > > [midom@flag midom]$ ping www.taide.lt > PING taidint.taide.lt (193.219.195.135): 56 data bytes > 64 bytes from 193.219.195.135: icmp_seq=0 ttl=251 time=19.6 ms > 64 bytes from 193.219.195.135: icmp_seq=1 ttl=251 time=79.8 ms > > --- taidint.taide.lt ping statistics --- > 2 packets transmitted, 2 packets received, 0% packet loss > round-trip min/avg/max = 19.6/49.7/79.8 ms > > it really works! why is it so? maybe we should check right here: > > [midom@flag midom]$ /sbin/getcap /bin/ping > Capabilities for `/bin/ping': = cap_net_raw+eip This is a little safer: /sbin/setcap cap_net_raw=ei /bin/ping $ /sbin/getcap /bin/ping Capabilities for `/bin/ping': = cap_net_raw+ei It makes this capability revocable. It can only work when exec'd by processes with the inheritable CAP_NET_RAW raised. In other words, you can run your daemons cap_net_raw-pei and feel less worried about folk breaking them and being able to put crazy packets on the wire - even if they manage to compromise /bin/ping. As a general rule, any program that has fP capabilities ('forced') should authenticate requests for access. fI ('inheritable') capabilities trigger off those in the inheritable set (pI) of the parent, and provide a somewhat similar scheme to the setuid bits of old - for those parents that have been granted a compatible inheritable set. BTW. the file capability stuff is not quite ready for prime time yet - I've not battened down all of the hatches, but it certainly would benefit from some testing. > more information about it: @ > ftp://linux.kernel.org/pub/linux/libs/security/* :-) To be specific: ftp://linux.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.3/ Cheers Andrew - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 18:34:38 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id SAA11714 for securedistros-list; Fri, 11 Jun 1999 18:34:38 +0200 Received: from blueznet.com (IDENT:qmailr@BLUEZnet.com [206.180.159.226]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id KAA11711 for ; Fri, 11 Jun 1999 10:34:30 -0600 Received: (qmail 25423 invoked by uid 7801); 11 Jun 1999 16:30:27 -0000 Date: Fri, 11 Jun 1999 11:30:27 -0500 (CDT) From: Darrell Shifflett To: securedistros@nl.linux.org Subject: How to? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org How do i get off this mailing list? \\|// ___________ooO_(o"o)_OoO__________ Darrell Shifflett | (_) | Self Proposed | Sometimes the simplest things | Linux Freak & PERL Lover | in life are often the best | | - Diethyl | bluez@blueznet.com |___________oooO_____Oooo__________| http://www.BLUEZnet.com ( )/ ( ,) \_) (_/ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 19:31:25 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id TAA13829 for securedistros-list; Fri, 11 Jun 1999 19:31:25 +0200 Received: from raven.bu.edu (RAVEN.BU.EDU [128.197.128.31]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id LAA13818 for ; Fri, 11 Jun 1999 11:31:16 -0600 Received: from localhost (jehahn@localhost) by raven.bu.edu ((8.8.8.buoit.v1.0)/8.8.8/(BU-S-10/08/98-v1.0)) with ESMTP id NAA04670 for ; Fri, 11 Jun 1999 13:31:08 -0400 (EDT) Message-Id: <199906111731.NAA04670@raven.bu.edu> To: securedistros@nl.linux.org Subject: capabilized linux In-reply-to: Your message of "Fri, 11 Jun 1999 11:13:25 +0200." Date: Fri, 11 Jun 1999 13:31:08 -0400 From: Justin Hahn Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Domas Mituzas writes: dm> [midom@flag midom]$ /sbin/getcap /bin/ping dm> Capabilities for `/bin/ping': = cap_net_raw+eip dm> dm> ahh... ye... here we have capabilities for ping, that let for this program dm> to listen to raw devices... dm> dm> Of course it can cause security problems (setting such capabilities on dm> sniffers so they can do their work while running as ordinary user..., but dm> in order to check for sniffers it's better to look which processes are dm> using raw device and/or promiscous mode :-) A better approach may be to set ping to be setuid, and use the ELF header capabailites patches that were floating around lkml (did they get applied to the torvalds kernel?) to reduce the capabilities to just those necessary. That way ping still works on non-capability aware kernels, and is easier to audit. So far as I can tell it will still have the same security problems, but this way a suid scanning tool will pick it up. ----------------------------------------------- Justin Hahn Systems Administrator Boston University SPI Lab ----------------------------------------------- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 20:09:13 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id UAA15436 for securedistros-list; Fri, 11 Jun 1999 20:09:13 +0200 Received: from zor.hut.fi (zor.hut.fi [130.233.242.65]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id MAA15422 for ; Fri, 11 Jun 1999 12:09:03 -0600 Received: from localhost (waste@localhost) by zor.hut.fi (8.9.1/8.9.1) with ESMTP id VAA15607 for ; Fri, 11 Jun 1999 21:10:36 +0300 Date: Fri, 11 Jun 1999 21:10:36 +0300 (EEST) From: Toxic Waste To: securedistros@nl.linux.org Subject: Re: How to? In-Reply-To: Message-ID: X-URL: http://jya.com/usa-rfa.htm X-URL: http://www.iptvreports.mcmail.com/ic2kreport.htm X-no-archive: Yes MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Fri, 11 Jun 1999, Darrell Shifflett wrote: > How do i get off this mailing list? How did you get on it in the first place? - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 20:15:34 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id UAA15959 for securedistros-list; Fri, 11 Jun 1999 20:15:34 +0200 Received: from fury.localdomain ([206.96.95.106]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id MAA15947 for ; Fri, 11 Jun 1999 12:15:22 -0600 Received: from localhost (y2k@localhost) by fury.localdomain (8.8.7/8.8.7) with ESMTP id LAA16947 for ; Fri, 11 Jun 1999 11:05:25 -0700 X-Authentication-Warning: fury.localdomain: y2k owned process doing -bs Date: Fri, 11 Jun 1999 11:05:25 -0700 (PDT) From: Y2K X-Sender: y2k@fury.localdomain To: securedistros@nl.linux.org Subject: Re: capabilized linux In-Reply-To: <199906111731.NAA04670@raven.bu.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org On Fri, 11 Jun 1999, Justin Hahn wrote: > A better approach may be to set ping to be setuid, and use the ELF > header capabailites patches that were floating around lkml (did they > get applied to the torvalds kernel?) to reduce the capabilities to Nope they haven't been applied Linus said that they were too elfish. I want to get it working with an a.out system to prove that the concept can work with other binfmts; however I don't have an a.out system and my attempts to build a static linked a.out program even as simple as int main(void) { return 0; } haven't progressed too far. Does anyone have an a.out system that would like to help test at least or advice on how link together an old a.out static on a newer system? > just those necessary. That way ping still works on non-capability > aware kernels, and is easier to audit. So far as I can tell it will > still have the same security problems, but this way a suid scanning > tool will pick it up. -- Any caps I mention are *derived* from a withdrawn draft posix document. See http://www.millenniumproductsllc.com/sjp/ for more info. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Fri Jun 11 22:05:20 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id WAA20524 for securedistros-list; Fri, 11 Jun 1999 22:05:20 +0200 Received: from mx.nkm.lt (qmailr@nkm.tdd.lt [193.219.211.9]) by nl.linux.org (8.9.1a/8.9.3) with SMTP id OAA20494 for ; Fri, 11 Jun 1999 14:05:07 -0600 Received: (qmail 25242 invoked from network); 11 Jun 1999 20:05:01 -0000 Received: from nkm.tdd.lt (HELO mx.nkm.lt) (midom@193.219.211.9) by nkm.tdd.lt with SMTP; 11 Jun 1999 20:05:01 -0000 Date: Fri, 11 Jun 1999 22:05:00 +0200 (CEST) From: Domas Mituzas X-Sender: midom@mx.nkm.lt To: securedistros@nl.linux.org Subject: enhancing the capabilities. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hello again. Now I tried to analize the bad sides of capabilities and how they can be removed. We can take for example qmail server. Some parts of it need root for such reasons: tcpserver - in order to listen on port 25. qmail-lspawn - in order to spawn processes for user, also calling setuid and setgid. first one can be easily fixed by giving proc_net_bind_service capability. ok. the second one needs cap_setuid and cap_setgid. all security guys would say, that by giving cap_setuid capability you give root access, as it is possible to make setuid(0), so obtainins root access and all capabilities together. That is why I tried to separate setuid and setsuid (set superuser id :-) capabilities, so a program, that doesn't have root can still spawn processes with other uids, but it can't obtain root... this is perfect for apache, qmail, sendmail etc. - all theese programs actually do not need root - they just spawn processes, that change their uids. hence, we can forget the need of root for any running daemons. also I made chown su:su su, chmod --x--x--x for /bin/su and made --s--x--- for su-root. first program has setuid,setgid and dac_read_search capability, and another is normal setuid program. Hence, to change user id via su there is no need of root interaction. (dac_read_search allows reading even --------- files). Of course, setting ACLs on separate files and giving capabilities for accessing separate files or tcp/udp ports would make the security better, but now what we have is a progress comparing with everything setuid (especially when /proc was not developed :-) I understand the linux-privs project is still under development, but I hope the facts I bring will make the group of supporters bigger :) With respect, Domas Mituzas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sat Jun 12 00:46:14 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA25925 for securedistros-list; Sat, 12 Jun 1999 00:46:14 +0200 Received: from neon.transmeta.com (neon-best.transmeta.com [206.184.214.10]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA25903 for ; Fri, 11 Jun 1999 16:46:01 -0600 Received: from deepthought.transmeta.com (mailhost.transmeta.com [10.1.1.15]) by neon.transmeta.com (8.9.1/8.9.1) with ESMTP id PAA16763 for ; Fri, 11 Jun 1999 15:45:55 -0700 Received: from transmeta.com (morgan@blighty.transmeta.com [10.1.27.37]) by deepthought.transmeta.com (8.8.8+spamcan/8.8.5) with ESMTP id PAA07499 for ; Fri, 11 Jun 1999 15:45:55 -0700 (PDT) Message-ID: <376191A2.2B6DCDF1@transmeta.com> Date: Fri, 11 Jun 1999 15:45:54 -0700 From: Andrew Morgan Organization: Transmeta Corporation X-Mailer: Mozilla 4.05 [en] (X11; U; Linux 2.2.5 i686) MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: enhancing the capabilities. References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Domas Mituzas wrote: > > Hello again. > > Now I tried to analize the bad sides of capabilities and how they can be > removed. We can take for example qmail server. Some parts of it need root > for such reasons: > tcpserver - in order to listen on port 25. > qmail-lspawn - in order to spawn processes for user, also calling setuid > and setgid. > > first one can be easily fixed by giving proc_net_bind_service capability. > ok. > the second one needs cap_setuid and cap_setgid. all security guys would > say, that by giving cap_setuid capability you give root access, as it is If you are using capabilities as they were intended the uid=0 account can be relagated to the impotence of a 'normal' account. And, besides if 'qmail-lspawn' has pI=0, I think you'll find that no matter what account the user is granted, it will come with no potential for inheriting capabilities. In order to get some, it will have to pass through another authenticating (fP != 0 remember) program. Think more about individual programs doing privileged things and less about a given user weilding power with everything and anything he executes. BTW. I'm not convinced this is the forum for discussing the development of these patches, there is a meailing list at MIT for this stuff already (linux-privs-request@mit.edu) so far, its mostly been posted to by people willing to work on the code, so please think twice about bringing non-technical discussion there. Cheers Andrew - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sat Jun 12 00:51:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA26322 for securedistros-list; Sat, 12 Jun 1999 00:51:45 +0200 Received: from neon.transmeta.com (neon-best.transmeta.com [206.184.214.10]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA26270 for ; Fri, 11 Jun 1999 16:51:23 -0600 Received: from deepthought.transmeta.com (mailhost.transmeta.com [10.1.1.15]) by neon.transmeta.com (8.9.1/8.9.1) with ESMTP id PAA16860 for ; Fri, 11 Jun 1999 15:51:17 -0700 Received: from transmeta.com (morgan@blighty.transmeta.com [10.1.27.37]) by deepthought.transmeta.com (8.8.8+spamcan/8.8.5) with ESMTP id PAA07743 for ; Fri, 11 Jun 1999 15:51:16 -0700 (PDT) Message-ID: <376192E4.F6FA382D@transmeta.com> Date: Fri, 11 Jun 1999 15:51:16 -0700 From: Andrew Morgan Organization: Transmeta Corporation X-Mailer: Mozilla 4.05 [en] (X11; U; Linux 2.2.5 i686) MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: enhancing the capabilities. References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Domas Mituzas wrote: > but now what we have is a progress comparing with everything setuid > (especially when /proc was not developed :-) BTW. Here is an old patch to make /proc mountable as another user (mount -o uid=...): ftp://linux.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.2/uid-proc.patch Cheers Andrew - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sat Jun 12 21:01:42 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id VAA30450 for securedistros-list; Sat, 12 Jun 1999 21:01:42 +0200 Received: from router.andy.alt.za (IDENT:root@router.andy.alt.za [196.28.82.90]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id NAA30438 for ; Sat, 12 Jun 1999 13:01:29 -0600 Received: from andy.alt.za (IDENT:andrew@andy.alt.za [196.3.162.2]) by router.andy.alt.za (8.9.3/8.9.3) with ESMTP id UAA00446 for ; Sat, 12 Jun 1999 20:56:18 +0200 Date: Sat, 12 Jun 1999 21:01:10 +0200 (SAST) From: Andrew Cameron To: securedistros@nl.linux.org Subject: Re: Wish List, Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Hi, I would like to see the secure distribution shipped with a compiler like stackguard. That way should someone write code that has overflows in it the compiler will prevent that from being a problem. Regards Andrew ----------------------------------------------------------------------------- Andrew Cameron Internet : andrew@andy.alt.za X.400 : C=ZA G=Andrew S=Cameron Admd=TELKOM400 ---------------------------------------------------------------------------- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 14 00:10:22 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA14545 for securedistros-list; Mon, 14 Jun 1999 00:10:22 +0200 Received: from smtp11.bellglobal.com (smtp11.bellglobal.com [204.101.251.53]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA14540 for ; Sun, 13 Jun 1999 16:10:12 -0600 Received: from sympatico.ca (cpu1617.adsl.bellglobal.com [206.47.27.98]) by smtp11.bellglobal.com (8.8.5/8.8.5) with ESMTP id SAA27623 for ; Sun, 13 Jun 1999 18:13:01 -0400 (EDT) Message-ID: <37642C6E.20048D9@sympatico.ca> Date: Sun, 13 Jun 1999 18:10:54 -0400 From: Sandy Harris X-Mailer: Mozilla 4.5 [en]C-SYMPA (Win95; U) X-Accept-Language: en,fr-CA MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: Encrypted SMTP (was Re: wish list) References: <199906071907.EAA13354@fiend.securesys.com.au> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Ray Jones wrote: > > Anyhow, I feel that it's more important to have user-level mail > > encryption rather than system- or connection-level encryption. Not > > that the latter is not important! Both are important, but they have different functions. > However, the arguments are: > > > > 1. System- and connection-level encryption is a massive load on the > > CPU. If all (or most) of your SMTP connections are encrypted, which > > is presumably what we're aiming for, then your CPU will be doing > > nothing except handling 20 open SMTP connections at any given time. A 486/66 at half load handles 3DES for a T1. http://www.xs4all.nl/~freeswan/freeswan_trees/freeswan-1.00/doc/glossary.html#3DES [snip] > *Not using encrypted communication when it's available is almost > always the wrong thing.* It gives the eavesdropper a strong hint that > they chould concentrate their resources on the encrypted > communication. You've leaked a single bit of information, but it's > one with high value. It's also an invitation to accidentally send > something in the clear when you meant to encrypt it. > > > Keeping this in mind, I'd rather focus on user-level security, > > i.e. PGP, GnuPG or an equivalent. There the user has the choice of > > whether to encrypt the message or not, and privacy is much much > > higher. In other words, encrypt the payload and let the connection > > take care of itself. > > These methods are less than optimal because they fail to hide as much > information as they should. Mail headers are for the most part left > in the clear. Traffic analysis is in many cases more important than > content analysis. Fully encrypted exchanges are one step closer to > where you want to be. (Mixmaster/Onion routing goes even further...) IPSEC can encrypt everything passing over an untrusted network. Linux IPSEC distribution is at: http://www.xs4all.nl/~freeswan With correct configuration and usage, this can provide some resistance to traffic analysis. You need some form of anonymus routing protocol as well to really defeat traffic analysis, though, and IPSEC does not provide that. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 14 00:26:28 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id AAA15340 for securedistros-list; Mon, 14 Jun 1999 00:26:28 +0200 Received: from pixie.mit.edu (IDENT:root@PIXIE.MIT.EDU [18.238.0.85]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id QAA15335 for ; Sun, 13 Jun 1999 16:26:18 -0600 Received: by pixie.mit.edu (Linux Smail3.2.0.101 #1) id m10tIhe-00109IC; Sun, 13 Jun 1999 18:26:10 -0400 (EDT) To: securedistros@nl.linux.org Subject: Re: Encrypted SMTP (was Re: wish list) References: <199906071907.EAA13354@fiend.securesys.com.au> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> <37642C6E.20048D9@sympatico.ca> From: Ray Jones In-Reply-To: Sandy Harris's message of Sun, 13 Jun 1999 18:10:54 -0400 Date: 13 Jun 1999 18:26:10 -0400 Message-ID: Lines: 33 X-Mailer: Gnus v5.2.37/Emacs 19.30 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sandy Harris writes: > IPSEC can encrypt everything passing over an untrusted network. > Linux IPSEC distribution is at: > > http://www.xs4all.nl/~freeswan > > With correct configuration and usage, this can provide some resistance > to traffic analysis. You need some form of anonymus routing protocol > as well to really defeat traffic analysis, though, and IPSEC does not > provide that. Encrypted SMTP and IPSEC address privacy at two different levels. I'm not experienced enough to know what's considered the correct thing, though, when presented with encryption at two levels. Is it better to use both (in case one fails) or to just use one, given the unknown nature of interactions between the ciphers. Can anyone provide me pointers to analysis (or even some case studies) involving this sort of multi-layer encryption? Ray Jones -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.7 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE3ZDAAY4NKW4VSSGARAsJnAJ9/58kfdE0zfI379CHqFusb2UmSfwCfeJbe ONgMYdMMSWUvZWMfTjKqb0E= =WB5H -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Thu Jun 17 17:04:45 1999 Received: (from postmaster@localhost) by nl.linux.org (8.9.1a/8.9.3) id RAA28657 for securedistros-list; Thu, 17 Jun 1999 17:04:45 +0200 Received: from gamera.ucs.umbc.edu (gamera.ucs.umbc.edu [130.85.70.99]) by nl.linux.org (8.9.1a/8.9.3) with ESMTP id JAA28653 for ; Thu, 17 Jun 1999 09:04:19 -0600 Received: by gamera.ucs.umbc.edu (Postfix, from userid 37585) id E817B18E94D; Thu, 17 Jun 1999 11:04:18 -0400 (EDT) Date: Thu, 17 Jun 1999 11:04:18 -0400 From: "J. Lasser" To: secsig@tux.org, securedistros@nl.linux.org, securelinux@reseau.nl, security-audit@ferret.lmh.ox.ac.uk Subject: Call for Papers SANS 1999 Workshop On Securing Linux Message-ID: <19990617110418.E231731@gamera.ucs.umbc.edu> Mail-Followup-To: secsig@tux.org, securedistros@nl.linux.org, securelinux@reseau.nl, security-audit@ferret.lmh.ox.ac.uk Mime-Version: 1.0 Content-Type: multipart/signed; boundary=tqI+Z3u+9OQ7kwn0; micalg=pgp-md5; protocol="application/pgp-signature" X-Mailer: Mutt 0.95.6i Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org --tqI+Z3u+9OQ7kwn0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable In case anyone hasn't seen the announcement; also please note that papers aren't limited to those involving Bastille Linux; we're certainly looking for papers involving other distributions and non-distribution-specific material too. ----- Begin Forwarded Message ----- Date: Tue, 15 Jun 1999 11:03:39 -0700 From: Laura LeHew Subject: Call for Papers SANS 1999 Workshop On Securing Linux Call for Papers SANS 1999 Workshop On Securing Linux December 15-16, 1999=20 San Francisco Deadline June 28, 1999 =20 Note: Best proposal will get a free trip to San Francisco to present their paper at the conference =20 Conference Objective Topics=20 Who Should Submit a Proposal=20 How to Submit a Proposal=20 Questions=20 Program Sponsors =20 LINUX is winning! Where other new operating systems failed, LINUX is gaining converts among users and vendors at an increasing rate, proving that the community of computer users can create extraordinarily valuable tools. At the same time Linux systems are the targets of a huge number of successful attacks. There is debate over the causes of storm of Linux security incidents, but whether it is the operating system's immaturity or the carelessness of its users, continued growth demands that Linux users and the developer community meet the security challenges. An important initiative was launched at SANS99 in Baltimore. Linux experts from more than a dozen universities are jointly creating a hardened version of Red Hat Linux, in a project named Bastille Linux. They are fixing the default configurations and adding security features so the university administrators will feel safer distributing Linux to students. Information on the project may be found at http://www.bastille-linux.org/ . Every person who attends the Securing Linux Workshop will be given a copy for adaptation and/or redistribution. There's more that can and is being done to make Linux systems less vulnerable. If you are one of the people who have developed home-grown solutions or are one of the developers of a more secure version of Linux, please submit a proposal for the Securing Linux Workshop. If you have solutions (even partial ones) we welcome your input. The 1999 SANS San Francisco Network Security Conference is being held concurrently with the Intrusion Detection & Response Training Conference, where the nation's top network security and intrusion detection experts, people like Stephen Northcutt, Gene Schultz, Randy Marchany, Ed Skoudis, and many more will be teaching in-depth, full-day, intense courses for security practitioners. We hope that you will consider joining the Securing Linux Workshop to extend this tradition of quality by submitting a proposal for: A paper focused on practical solutions (2-10 pages) along with a presentation (25 or 50 minutes) other types of presentations (panels, demonstrations, mini-tutorials, etc. - 15-90 minutes in length) Even if you choose not to submit a short paper and presentation, we hope you will join us in San Francisco on December 11 - 16, 1999 for the workshops and courses that you feel will be helpful in meeting your professional needs. Course titles and a preliminary schedule will be posted to http://www.sans.org around July 15, 1999. Topics Any topic that you feel would provide immediate pragmatic information on Linux security to an assortment of researchers, practitioners, and observers coming to the workshop is invited. Here are a few topic groups that might give you ideas, but submissions are by no means confined to these: Hardening the Operating System Improving Practices and Procedures Risks Particular to Linux Systems Configuration Errors Silly Things Users Do Good New Tools Bad Tools New or Old Automating Installation to Reduce Risks Network-Based Intrusion Detection Host-Based Intrusion Detection Vulnerability Analysis Who Should Submit A Proposal and Why Should You Anyone who has done useful work in improving the security of Linux systems is invited to submit a proposal. The recognition afforded by being chosen to present some of your work can be a marvelous avenue of professional growth and can yield results throughout many aspects of your career. If you have a solution that you would like to share, please consider taking the time to write it up and submit a proposal to SANS. Being selected to be a part of the SANS faculty gets you more than just the rare ID&R-Securing Linux polo shirts. It also conveys an appreciation of the value you are contributing to the field. You don't have to be solving the largest problems in order to have your proposals accepted. We are looking for a wide variety of proposals and encourage you to submit one even if you are not sure of its worth. Besides the distinctive polo shirts, authors also earn substantial discounts on conference and tutorial attendance. If you are a vendor, please consider joining the SANS evening vendor presentation program. Contact daragh@sans.org for opportunities to present technical aspects of your products to SANS participants in a variety of venues. How To Submit A Proposal Send an email to laura@deer-run.com with the subject `Securing Linux Proposal'. Submissions will only be accepted in any of the following formats: PDF, Word '97, PowerPoint '97, ASCII text, or HTML. Deadline for submission is June 28, 1999. Please include the following items: Your Name Preferred email Phone Fax Employer Surface mail address The title of your proposed presentation The length (25 minute presentation with 2-5 page paper or an alternative format). At least three paragraphs containing: The specific challenges or problems the presentation will help the audience solve. The approach you used including any specific tools you created or used The evidence you have that proves that your approach works well and can be used by other people. SANS has made great strides in the past few years and is now recognized as one of the two most useful learning opportunities in the system administration, networking, and security field. This year, SANS is introducing policies that will enable us to continue to earn quality accolades: All presentations focus on actual challenges faced by system administrators, security professionals, and network managers. All presentations provide practical solutions that can be implemented immediately. All daytime presentations are free of vendor bias (except the panels in which multiple vendors are speaking together and will `correct' one another). Vendors and their representatives are welcome to present in the SANS evening program. All presenters will be given opportunities to ensure their presentation skills are the best they can be: through pre-conference training Programs, coaching-on-request for content and speaking, and/or audio tape exchange. =20 Questions=20 =20 Please contact laura@deer-run.com with questions. =20 Program Committee Chairs Alan Paller, The SANS Institute Jon Lasser, University of Maryland Baltimore Campus --=20 Jon Lasser (410)383-7962 http://www.tux.org/~lasser/ Work: jon@umbc.edu Home: jon@lasser.org "The more you drive, the less intelligent you get." -- Repo Man --tqI+Z3u+9OQ7kwn0 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQCVAwUBN2kOcisJJQQiCQ0lAQEpSAP/fIAS6KgtJetdHaPiNlgxzivjEuXsjXpP 7//Qmd9qxBMbuXN0GQH6A3UvErnH27TMfOKDs5Vj7uXRJ+j1cAIEP1ChG0u/zjdw w5Nsy1qsGRBmFvVxY23Wbc3frd+tQyfmSt/OCXRZINmn6osOZbdhxgpFj0T4rNpE XMr87hNgAN4= =rZNm -----END PGP SIGNATURE----- --tqI+Z3u+9OQ7kwn0-- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sat Jun 19 07:34:19 1999 Received: by humbolt.nl.linux.org id ; Sat, 19 Jun 1999 07:32:35 +0200 Received: from 1Cust195.tnt2.manassas.va.da.uu.net ([153.37.125.195]:47620 "EHLO defiant.sonsofthunder.ddns.org") by humbolt.nl.linux.org with ESMTP id ; Sat, 19 Jun 1999 07:32:16 +0200 Received: from localhost (storm@localhost) by defiant.sonsofthunder.ddns.org (8.9.3/8.9.1) with ESMTP id AAA08752 for ; Sat, 19 Jun 1999 00:59:10 -0400 Date: Sat, 19 Jun 1999 00:58:50 -0400 (EDT) From: Brad Alexander To: securedistros@humbolt.nl.linux.org Subject: Re: Wish List, In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 12 Jun 1999, Andrew Cameron wrote: > Hi, > > I would like to see the secure distribution shipped with a compiler like > stackguard. That way should someone write code that has overflows in it > the compiler will prevent that from being a problem. Sorry about the late reply, but I'm really playing catchup. The problem with StackGuard is that its not kernel-compile safe... - --Brad ============================================================================ Bradley M. Alexander | Co-Chairman, Unix System Admin/Security Specialist | NoVALUG/DCLUG Security SIG DARPA/CAC | storm@tux.org Arlington, VA | (703) 593-3913 ============================================================================ -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBN2sVjLvGRZae3bMfEQKRjQCg4dq9e1meMB9iBA7yU02WYP6rzxMAnjHA cP4tJoa2lo8AE2Ozw3AAszmY =dOtd -----END PGP SIGNATURE----- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sat Jun 19 13:06:25 1999 Received: by humbolt.nl.linux.org id ; Sat, 19 Jun 1999 13:00:03 +0200 Received: from post-10.mail.nl.demon.net ([194.159.73.20]:57051 "EHLO post.mail.nl.demon.net") by humbolt.nl.linux.org with ESMTP id ; Sat, 19 Jun 1999 12:59:14 +0200 Received: from [212.238.108.69] (helo=agratax.demon.nl) by post.mail.nl.demon.net with esmtp (Exim 2.02 #1) id 10vIq7-0001pU-00 for securedistros@nl.linux.org; Sat, 19 Jun 1999 10:59:12 +0000 Received: from localhost (user: 'riel', uid#500) by mirkwood.nl.linux.org with ESMTP id ; Sat, 19 Jun 1999 10:57:46 +0200 Date: Sat, 19 Jun 1999 10:57:11 +0200 (CEST) From: Rik van Riel To: securedistros@humbolt.nl.linux.org Subject: Security extensions to Posix (what would have been Posix.1e/2c) (fwd) Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Hi, I saw this message on bugtraq -- it might be fun for some of the more hard-line security folks out there... Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ ---------- Forwarded message ---------- Date: Thu, 17 Jun 1999 20:37:13 +0200 From: Winfried Truemper To: BUGTRAQ@NETSPACE.ORG Subject: Security extensions to Posix (what would have been Posix.1e/2c) Process capabilities, audit and information labeling should have been widely introduced and standarized by Posix.1e/2c. Last year the IEEE dropped the standard, because it was not clear when the standards would ever be finished. However, there are very interesting ideas described in those documents and they provide a good starting point when adding better security mechanisms to Unix. So I made an agreement with the IEEE, which allows me to offer the unfinished standards works for public downloading. The address is http://www.guug.de/~winni/posix.1e/download.html Please note, that re-distribution is not allowed. The agreement was made possible by the help of Mary Shepherd (IEEE) and Casey Schaufler (SGI), the former technical editor of the standard. I want to thank both for their work and the IEEE for their generous gesture. -Winfried --------------------------------------------------------------- Xpilot players summercamp 1999 in Skallerup (north of denmark) For details see http://www.guug.de:8080/cgi-bin/summermeeting/ --------------------------------------------------------------- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sat Jun 19 21:01:37 1999 Received: by humbolt.nl.linux.org id ; Sat, 19 Jun 1999 20:59:22 +0200 Received: from post-10.mail.nl.demon.net ([194.159.73.20]:51332 "EHLO post.mail.nl.demon.net") by humbolt.nl.linux.org with ESMTP id ; Sat, 19 Jun 1999 20:58:56 +0200 Received: from [212.238.108.69] (helo=agratax.demon.nl) by post.mail.nl.demon.net with esmtp (Exim 2.02 #1) id 10vQKM-0003pa-00 for securedistros@nl.linux.org; Sat, 19 Jun 1999 18:58:56 +0000 Received: from mirkwood.nl.linux.org ([10.0.0.1]:35079 "EHLO mirkwood.nl.linux.org") by mirkwood.nl.linux.org with ESMTP id ; Sat, 19 Jun 1999 20:57:56 +0200 Date: Sat, 19 Jun 1999 20:57:54 +0200 (CEST) From: Rik van Riel To: securedistros@humbolt.nl.linux.org Subject: MTA Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Not to start an MTA war (we probably want to include multiple MTAs with at least Bastille and Secure Linux), but I wonder which MTAs can be considered secure enough to be used in any secure Unix distribution. I am thinking about the following MTAs: exim (is it safe?) zmailer (fast -- installed on nl.linux.org now) qmail (secure, but rumoured to be somewhat weird) postfix (nice mailer, awful license) sendmail (bad performance, non-secure design, but no major bugs as of late and excellent configurability so newbie admins can also setup a non-spam-relay site) any more to add? Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sat Jun 19 21:43:57 1999 Received: by humbolt.nl.linux.org id ; Sat, 19 Jun 1999 21:42:20 +0200 Received: from pez.hyperreal.org ([207.181.224.6]:60433 "HELO pez.hyperreal.org") by humbolt.nl.linux.org with SMTP id ; Sat, 19 Jun 1999 21:41:57 +0200 Received: (qmail 84747 invoked by uid 4000); 19 Jun 1999 19:43:31 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 19 Jun 1999 19:43:31 -0000 Date: Sat, 19 Jun 1999 12:43:31 -0700 (PDT) From: Brian Behlendorf To: securedistros@humbolt.nl.linux.org Subject: Re: MTA In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list I'd strongly recommend qmail. See the www.qmail.org site for reasons why. Its "weirdness" is more due to having a much different model than sendmail or (as I understand them) most other MTA's - rather than a monolithic setuid binary that does everything, tasks are divided amongst an impressive array of smaller programs, all plugged together with pipes, and using different UID's for things like "receiving mail from the network", "injecting messages into the queue" and "local delivery". The only challenge (actually, it may be a virtue in this case) is that there are precise guidelines to follow when redistributing anything other than the source tarball, but they shouldn't be a problem. I'd also suggest investigating the other software DJB has written: ftp://koobera.math.uic.edu/www/software.html specifically, ucspi-tcp and daemontools. Some of those are designed to replace common daemons with historical security problems (e.g., tcpserver as a replacement for inetd). The downside to using these tools is that the source code can be a bit obscure (it's clear, and DJB documents things extremely well at a high level, but he also believes clear source code is its own best documentation), and the author tends to resist patches that add new features (which explains the wide array of patches available on qmail.org). Postfix would be my second choice, though I state that without having used it myself, but solely on the reputation of the author. Brian (who likes parentheses way too much) On Sat, 19 Jun 1999, Rik van Riel wrote: > Not to start an MTA war (we probably want to include multiple > MTAs with at least Bastille and Secure Linux), but I wonder > which MTAs can be considered secure enough to be used in any > secure Unix distribution. > > I am thinking about the following MTAs: > > exim (is it safe?) > zmailer (fast -- installed on nl.linux.org now) > qmail (secure, but rumoured to be somewhat weird) > postfix (nice mailer, awful license) > sendmail (bad performance, non-secure design, but no major > bugs as of late and excellent configurability so > newbie admins can also setup a non-spam-relay site) > > any more to add? > > Rik -- Open Source: you deserve to be in control of your data. > +-------------------------------------------------------------------+ > | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | > | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | > | Nederlandse Linux documentatie: http://www.nl.linux.org/ | > +-------------------------------------------------------------------+ > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 00:59:51 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 00:57:49 +0200 Received: from gamera.ucs.umbc.edu ([130.85.70.99]:17274 "HELO gamera.ucs.umbc.edu") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Jun 1999 00:56:53 +0200 Received: by gamera.ucs.umbc.edu (Postfix, from userid 37585) id 55DF018E94D; Sat, 19 Jun 1999 18:56:52 -0400 (EDT) Date: Sat, 19 Jun 1999 18:56:52 -0400 From: "J. Lasser" To: Brian Behlendorf Cc: securedistros@humbolt.nl.linux.org Subject: Re: MTA Message-ID: <19990619185652.A253110@gamera.ucs.umbc.edu> References: Mime-Version: 1.0 Content-Type: multipart/signed; boundary=huq684BweRXVnRxX; micalg=pgp-md5; protocol="application/pgp-signature" X-Mailer: Mutt 0.95.6i In-Reply-To: ; from Brian Behlendorf on Sat, Jun 19, 1999 at 12:43:31PM -0700 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list --huq684BweRXVnRxX Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable In the wise words of Brian Behlendorf: > Its "weirdness" is more due to having a much different model than sendmail > or (as I understand them) most other MTA's - rather than a monolithic > setuid binary that does everything, tasks are divided amongst an > impressive array of smaller programs, all plugged together with pipes, and > using different UID's for things like "receiving mail from the network", > "injecting messages into the queue" and "local delivery". The only > challenge (actually, it may be a virtue in this case) is that there are > precise guidelines to follow when redistributing anything other than the > source tarball, but they shouldn't be a problem. Well, Postfix does this too, but QMail seems to go out of its way to ignore RFCs DJB doesn't like. As far as security, I'm not sure that either of the two packages is particularly secure in the real world, though the authors of both packages claim that they are. They each have different DoS holes than the other, but you simply can't protect a mail system from malicious local users... Sendmail has had no buffer overflows AFAIK since the code was audited (2.9.0 was the first audited version), and the only bugs since then security-wise have all been odd DoS cases. I think sticking with Sendmail is probably best, though Postfix is what I use on my own boxes. (Both the QMail and Postfix licenses aren't really nice if you want to ship the software...) Jon --=20 Jon Lasser (410)383-7962 http://www.tux.org/~lasser/ Work: jon@umbc.edu Home: jon@lasser.org "The more you drive, the less intelligent you get." -- Repo Man --huq684BweRXVnRxX Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQCVAwUBN2wgMysJJQQiCQ0lAQFvpQP9HVfZ6xS3JA7AXAMCSS+St58w4ReWTU2V 4WbC5B9myEjIcmx869zVKdWB0PtNv83yc8UN29uhfOr8frHUTaKI+2U4apR5XOu+ pdTf4CmjOQ6fYP5HHTCTkrqsuHAfoAggkwutx53szIgQXGnwcNjEdWbhmXsVXHZP pxCkYAQvSX8= =k1qj -----END PGP SIGNATURE----- --huq684BweRXVnRxX-- - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 04:40:51 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 04:39:09 +0200 Received: from [202.241.243.104] ([202.241.243.104]:23818 "HELO nsm.htp.org") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Jun 1999 04:38:51 +0200 Received: (qmail 28898 invoked from network); 20 Jun 1999 02:38:06 -0000 Received: from localhost (127.0.0.1) by localhost with SMTP; 20 Jun 1999 02:38:06 -0000 To: securedistros@humbolt.nl.linux.org Subject: Re: MTA From: sen_ml@eccosys.com In-Reply-To: Your message of "Sat, 19 Jun 1999 18:56:52 -0400" <19990619185652.A253110@gamera.ucs.umbc.edu> References: <19990619185652.A253110@gamera.ucs.umbc.edu> X-Mailer: Mew version 1.93 on Emacs 20.3 / Mule 4.0 (HANANOEN) X-No-Archive: Yes Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <19990620113542S.sen_ml@eccosys.com> Date: Sun, 20 Jun 1999 11:35:42 +0900 X-Dispatcher: imput version 980905(IM100) Lines: 74 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list At around Sat, 19 Jun 1999 18:56:52 -0400, "J. Lasser" may have mentioned: > In the wise words of Brian Behlendorf: > > > Its "weirdness" is more due to having a much different model than sendmail > > or (as I understand them) most other MTA's ... > but QMail seems to go out of its way to ignore RFCs DJB doesn't > like. i remember noticing one, but i don't recall multiple. could you elaborate on exactly which rfcs? if this is a criterion, perhaps it would help to draw up an item-by-item comparison of all candidate mtas. are things such as: ease-of-configuration (may be this is subjective), number of lines of code (i suppose this only really makes a difference if a given mta has significantly more or less lines of code), modularity of design relevant criteria in your opinon? > As far as security, I'm not sure that either of the two packages is > particularly secure in the real world, though the authors of both > packages claim that they are. They each have different DoS holes > than the other, but you simply can't protect a mail system from > malicious local users... perhaps also explicitly listing what is considered secure would be helpful. you mentioned DoS holes and buffer overflows -- are there any other specifics? do you also feel that a system which does not provide shell access to users suffers the same problems you hint at regarding malicious local users? > Sendmail has had no buffer overflows AFAIK since the code was audited > (2.9.0 was the first audited version), for clarification, is 2.9.0 a different version numbering for the commercial version? perhaps you meant 8.9.0? > and the only bugs since then security-wise have all been odd DoS > cases. this is similar to the cases of qmail and postfix, right? > I think sticking with Sendmail is probably best, though Postfix is > what I use on my own boxes. 'sticking' w/ sendmail doesn't necessarily apply to everyone because they may have started w/ another mta -- and i don't mean just people who came to the net relatively recently. > (Both the QMail and Postfix licenses aren't really nice if you want > to ship the software...) perhaps the licensing issue should be listed as a criterion as well. if a decision is to be made by a given distribution, wouldn't it make sense to draw up a list and attach the reasoning (especially for something like an mta)? each distribution would probably have slightly different criteria, but a fair number of the points may be relevant to all of them. just some thoughts :-) - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 06:43:45 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 06:41:50 +0200 Received: from pez.hyperreal.org ([207.181.224.6]:13316 "HELO pez.hyperreal.org") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Jun 1999 06:41:28 +0200 Received: (qmail 85599 invoked by uid 4000); 20 Jun 1999 04:43:07 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 20 Jun 1999 04:43:07 -0000 Date: Sat, 19 Jun 1999 21:43:07 -0700 (PDT) From: Brian Behlendorf To: "J. Lasser" cc: securedistros@humbolt.nl.linux.org Subject: Re: MTA In-Reply-To: <19990619185652.A253110@gamera.ucs.umbc.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Sat, 19 Jun 1999, J. Lasser wrote: > Well, Postfix does this too, but QMail seems to go out of its way to > ignore RFCs DJB doesn't like. There are good RFC's and bad RFC's. In what way is Qmail's (non)compliance with mail standards an issue? I've never had an operational problem with it. > As far as security, I'm not sure that > either of the two packages is particularly secure in the real world, > though the authors of both packages claim that they are. There are lots of people using Qmail in "the real world" (as best I can tell, you mean people using it in production environments where security is critical). There was a security bug contest for Qmail at one point - $1000 to the first person to find an actual (non-DoS) hole. No one did, so the contest was closed. > They each have > different DoS holes than the other, but you simply can't protect a mail > system from malicious local users... Define "protect". If you mean you can't prevent a user from filling the space allotted for the mail queue, you're right - I don't consider this a security hole, more a resource management issue. If you mean you can't prevent the user from consuming all available memory and CPU, you are incorrect. If you are implying that no mail system can secure users against reading each other's mail or running commands as other users (assuming no root compromise), you are incorrect. > (Both the QMail and Postfix licenses aren't really nice if you want to > ship the software...) DJB set certain terms for binary redistribution, but all it means is to take care in preparing the package. See ftp://koobera.math.uic.edu/www/qmail/dist.html The larger question this group should be asking itself is, do you commit to one MTA, or provide a set of MTA's that can be selected and used. My sentiment would be to go with a single MTA. An even larger question that this begs is, to what degree is a secure distribution intended to be a full-fledged multifaceted multifunctional collection of different programs, or instead, a simple "toaster" for the standard network services, where ease of configuration/administration is valued over choice of software to use. Note that with something like an MTA, the non-administrators who use that system would probably never even notice the difference, so personal/aesthetic reasons probably don't matter as much as with something like an MUA. Brian - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 10:25:59 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 10:24:30 +0200 Received: from prioris.im.pw.edu.pl ([148.81.80.7]:8209 "EHLO prioris") by humbolt.nl.linux.org with ESMTP id ; Sun, 20 Jun 1999 10:24:15 +0200 Received: from pd249.warszawa.ppp.tpnet.pl ([212.160.55.249]:516 "EHLO medievalist.org") by prioris.im.pw.edu.pl with ESMTP id ; Sun, 20 Jun 1999 10:25:28 +0200 Received: from zaks by medievalist.org with local (Exim 2.05 #1 (Debian)) id 10vTAg-0000J7-00; Sun, 20 Jun 1999 00:01:06 +0200 To: securedistros@humbolt.nl.linux.org Subject: Re: MTA References: X-Operating-System: Linux 2.2.9 From: zaks@prioris.im.pw.edu.pl (Slawek Zak) Date: 20 Jun 1999 00:01:05 +0200 In-Reply-To: Brian Behlendorf's message of "Sat, 19 Jun 1999 12:43:31 -0700 (PDT)" Message-ID: <87k8szkfz2.fsf@medievalist.org> Lines: 41 User-Agent: Gnus/5.070088 (Pterodactyl Gnus v0.88) XEmacs/21.1 (20 Minutes to Nikko) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list ** Brian Behlendorf wrote: Brian> I'd strongly recommend qmail. See the www.qmail.org site for Brian> reasons why. Its "weirdness" is more due to having a much Brian> different model than sendmail or (as I understand them) most Brian> other MTA's - rather than a monolithic setuid binary that does Brian> everything, tasks are divided amongst an impressive array of Brian> smaller programs, all plugged together with pipes, and using Brian> different UID's for things like "receiving mail from the Brian> network" Same for zmailer (http://www.zmailer.org). It is an extremely configurable and flexible MTA with modular design, developed with security in mind. It isn't very easy to set up as for now, due to relatively small amount of tutorial/HOWTO type of documentation (there is place for contribution). For many years it's proven to be the top choice for reliability and configurability in _very_ large installations because of its small memory and CPU footprint. Zmailer's router uses a real scripting language for configuration files, so it looks much clearer than sendmail.cf and it doesn't have performance impact of parsing at every startup due to byte compilation and demonic nature of routers. Brian> Postfix would be my second choice, though I state that without Brian> having used it myself, but solely on the reputation of the Brian> author. There might be some strings attached in the license, it wasn't clear when I last heard of it, and it's still in beta. Qmail's licensing isn't clear too, that's not GPL. It can't be made the base MTA of any free distribution because of license restrictions. >> exim (is it safe?) Who knows. Not many people use it, but it has monolithic design (that's why I use it at home :). It must be run setuid root so it is not a good candidate for any secure distribution. >> sendmail (bad performance, non-secure design, but no major bugs as >> of late and excellent configurability so newbie admins can also >> setup a non-spam-relay site) Nuff said. Approach with caution... /S -- * Suavek Zak (Systems Administrator) * email: zaks@im.pw.edu.pl voice: +48 (0) 22 674 66 79 * PGP v2.6: 2048/9A7CBF71, finger://zaks@prioris.im.pw.edu.pl - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 11:13:02 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 11:11:19 +0200 Received: from nkm.tdd.lt ([193.219.211.9]:50450 "HELO mx.nkm.lt") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Jun 1999 11:10:52 +0200 Received: (qmail 22857 invoked from network); 20 Jun 1999 09:10:49 -0000 Received: from nkm.tdd.lt (HELO mx.nkm.lt) (midom@193.219.211.9) by nkm.tdd.lt with SMTP; 20 Jun 1999 09:10:49 -0000 Date: Sun, 20 Jun 1999 11:10:49 +0200 (CEST) From: Domas Mituzas X-Sender: midom@mx.nkm.lt To: securedistros@humbolt.nl.linux.org Subject: Re: MTA In-Reply-To: <87k8szkfz2.fsf@medievalist.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Hello all, this MTA problem is actual for me now as I try to port them to safe non-root environment. Three years ago I started with sendmail, then there was uucp node contest, which was won by qmail (it's delivery was fastest and configuration minimal). Later I used qmail in various locations and was satisfied. But now I needed just several security improvements on qmail (one was FreeBSD group handling, another now is linux capability support). And what I faced was a code of one person. It seems, that DJB removes all comments from code before he releases it :) And uses his own C library, so nobody could modify his code :))) There are _simple_ dos bugs with qmail (with file locking and local delivery) so local users can halt delivery of mail. It was announced to djb, but it still is not fixed. It still runs on all my mailhosts, but on development box I'm trying several alternatives, that are written in more friendly way :) e.g. what does function nughde_get mean? yes... it means getting nughde... so what is nughde? fetch the source and study the source code =] With respect, Domas Mituzas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 15:44:34 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 15:39:58 +0200 Received: from prioris.im.pw.edu.pl ([148.81.80.7]:55329 "EHLO prioris") by humbolt.nl.linux.org with ESMTP id ; Sun, 20 Jun 1999 15:39:17 +0200 Received: from pd47.warszawa.ppp.tpnet.pl ([212.160.55.47]:3588 "EHLO medievalist.org") by prioris.im.pw.edu.pl with ESMTP id ; Sun, 20 Jun 1999 15:40:31 +0200 Received: from zaks by medievalist.org with local (Exim 2.05 #1 (Debian)) id 10vefb-0000El-00; Sun, 20 Jun 1999 12:17:47 +0200 To: securedistros@humbolt.nl.linux.org Subject: Re: MTA References: X-Operating-System: Linux 2.2.9 From: zaks@prioris.im.pw.edu.pl (Slawek Zak) Date: 20 Jun 1999 12:17:47 +0200 In-Reply-To: Domas Mituzas's message of "Sun, 20 Jun 1999 11:10:49 +0200 (CEST)" Message-ID: <87aetvgoqc.fsf@medievalist.org> Lines: 15 User-Agent: Gnus/5.070088 (Pterodactyl Gnus v0.88) XEmacs/21.1 (20 Minutes to Nikko) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list ** Domas Mituzas wrote: Domas> Three years ago I started with sendmail, then there was uucp Domas> node contest, which was won by qmail (it's delivery was fastest Domas> and configuration minimal). Did they try zmailer ?? Domas> There are _simple_ dos bugs with qmail (with file locking and Domas> local delivery) so local users can halt delivery of mail. It Domas> was announced to djb, but it still is not fixed. He would have to admit there are problems with _his_ code/design first. Hard to imagine, I guess ... /S -- * Suavek Zak (Systems Administrator) * email: zaks@im.pw.edu.pl voice: +48 (0) 22 674 66 79 * PGP v2.6: 2048/9A7CBF71, finger://zaks@prioris.im.pw.edu.pl - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 15:56:18 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 15:52:49 +0200 Received: from nkm.tdd.lt ([193.219.211.9]:20755 "HELO mx.nkm.lt") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Jun 1999 15:52:12 +0200 Received: (qmail 24539 invoked from network); 20 Jun 1999 13:52:10 -0000 Received: from nkm.tdd.lt (HELO mx.nkm.lt) (midom@193.219.211.9) by nkm.tdd.lt with SMTP; 20 Jun 1999 13:52:10 -0000 Date: Sun, 20 Jun 1999 15:52:10 +0200 (CEST) From: Domas Mituzas X-Sender: midom@mx.nkm.lt To: securedistros@humbolt.nl.linux.org Subject: Re: MTA In-Reply-To: <87aetvgoqc.fsf@medievalist.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Hello, > Did they try zmailer ?? I'm sure they didn't... :-) As this contest was done by me :) I just tested main MTAs... > He would have to admit there are problems with _his_ code/design > first. Hard to imagine, I guess ... that is the problem. with qmail :-) With respect, Domas Mituzas - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Sun Jun 20 18:25:28 1999 Received: by humbolt.nl.linux.org id ; Sun, 20 Jun 1999 18:22:40 +0200 Received: from post-10.mail.nl.demon.net ([194.159.73.20]:40191 "EHLO post.mail.nl.demon.net") by humbolt.nl.linux.org with ESMTP id ; Sun, 20 Jun 1999 18:22:07 +0200 Received: from [212.238.108.69] (helo=agratax.demon.nl) by post.mail.nl.demon.net with esmtp (Exim 2.02 #1) id 10vkM3-0005DX-00 for securedistros@humbolt.nl.linux.org; Sun, 20 Jun 1999 16:22:03 +0000 Received: from mirkwood.nl.linux.org ([10.0.0.1]:12552 "EHLO mirkwood.nl.linux.org") by mirkwood.nl.linux.org with ESMTP id ; Sun, 20 Jun 1999 17:53:37 +0200 Date: Sun, 20 Jun 1999 17:53:35 +0200 (CEST) From: Rik van Riel To: securedistros@humbolt.nl.linux.org Subject: Re: MTA In-Reply-To: Message-ID: X-Search-Engine-Bait: http://humbolt.nl.linux.org/ X-My-Own-Server: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Sun, 20 Jun 1999, Domas Mituzas wrote: > But now I needed just several security improvements on > qmail ... And what I faced was a code of one person. Then, I guess, zmailer will be my mailer of choice for large setups (in fact, I even use it at home because it so nicely avoids DNS lookups on mail submission and it is very good (IMHO) in batching mail for dial-on-demand connections... Of course, the other mailers also have their merits. I don't see anything wrong with providing a choice, as long as all available MTAs come with a default secure setup. Me, I'll be joining zmailer development because I already start to like their code base and their openness wrt. development. Now if everyone starts improving their mailer of choice, we'll never have to worry again about which mailer is secure ;) regards, Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 14:10:16 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 14:07:22 +0200 Received: from note.orchestra.cse.unsw.EDU.AU ([129.94.242.29]:61456 "HELO note.orchestra.cse.unsw.EDU.AU") by humbolt.nl.linux.org with SMTP id ; Mon, 21 Jun 1999 14:06:56 +0200 Received: From nile With LocalMail ; Mon, 21 Jun 99 22:06:00 +1000 From: Emmanuel Galanos To: security-audit@ferret.lmh.ox.ac.uk Date: Mon, 21 Jun 1999 22:05:58 +1000 Message-ID: <19990621220558.A19164@cse.unsw.edu.au> Cc: securedistros@humbolt.nl.linux.org Subject: LSAP web site Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Greetings, The web site for the Linux security audit project is finally ready. http://lsap.org./ Currently the site is rather sparse on content, however the important part, the audit database, seems to be working fine. The database allows the creation of audit records for programs, providing a browseable interface to all the data added. So as you audit programs for the fun of it, or as part of building your secure distributions, you can add an entry. If you have any problems with the site, please email webmaster@lsap.org. Emmanuel - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 18:39:50 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 18:38:07 +0200 Received: by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 18:37:36 +0200 Date: Mon, 21 Jun 1999 18:37:35 +0200 (CEST) From: Rik van Riel To: securedistros@humbolt.nl.linux.org Subject: things to avoid Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list We haven't talked about this much, but there must be quite a lot of things we want to avoid in a secure distribution... Anyone? Rik -- Open Source: you deserve to be in control of your data. +-------------------------------------------------------------------+ | Le Reseau netwerksystemen BV: http://www.reseau.nl/ | | Linux Memory Management site: http://www.linux.eu.org/Linux-MM/ | | Nederlandse Linux documentatie: http://www.nl.linux.org/ | +-------------------------------------------------------------------+ - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 18:57:18 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 18:50:29 +0200 Received: from animaniacs.conectiva.com.br ([200.203.180.2]:5361 "HELO frajuto.conectiva") by humbolt.nl.linux.org with SMTP id ; Mon, 21 Jun 1999 18:48:27 +0200 Received: (qmail 24621 invoked from network); 21 Jun 1999 16:53:56 -0000 Received: from freak.conectiva (192.168.255.195) by frajuto.conectiva with SMTP; 21 Jun 1999 16:53:56 -0000 Date: Mon, 21 Jun 1999 13:53:05 -0300 (EST) From: Marcelo Tosatti X-Sender: marcelo@freak.conectiva To: securedistros@humbolt.nl.linux.org Subject: Re: things to avoid In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Suid binaries. We can use (ping, for example) 2.2 capatibilities. - Marcelo On Mon, 21 Jun 1999, Rik van Riel wrote: > We haven't talked about this much, but there must be quite > a lot of things we want to avoid in a secure distribution... - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 20:36:42 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 20:34:35 +0200 Received: from charm.il.fontys.nl ([145.85.127.2]:13846 "HELO charm.il.fontys.nl") by humbolt.nl.linux.org with SMTP id ; Mon, 21 Jun 1999 20:34:10 +0200 Received: (qmail 28658 invoked by uid 435); 21 Jun 1999 18:34:09 -0000 Date: Mon, 21 Jun 1999 20:34:09 +0200 From: "M.Brands" To: securedistros@humbolt.nl.linux.org Subject: Re: things to avoid Message-ID: <19990621203409.A28631@il.fontys.nl> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: ; from Rik van Riel on Mon, Jun 21, 1999 at 06:37:35PM +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Mon, Jun 21, 1999 at 06:37:35PM +0200, Rik van Riel allegedly wrote: > We haven't talked about this much, but there must be quite > a lot of things we want to avoid in a secure distribution... > > Anyone? What about wu-ftpd? Maybe use an alternative (proftpd maybe?) or run it chrooted. Mathijs - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:03:20 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:00:00 +0200 Received: from pez.hyperreal.org ([207.181.224.6]:53256 "HELO pez.hyperreal.org") by humbolt.nl.linux.org with SMTP id ; Mon, 21 Jun 1999 20:59:32 +0200 Received: (qmail 89357 invoked by uid 4000); 21 Jun 1999 19:01:08 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 21 Jun 1999 19:01:08 -0000 Date: Mon, 21 Jun 1999 12:01:08 -0700 (PDT) From: Brian Behlendorf To: securedistros@humbolt.nl.linux.org Subject: Re: things to avoid In-Reply-To: <19990621203409.A28631@il.fontys.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Mon, 21 Jun 1999, M.Brands wrote: > On Mon, Jun 21, 1999 at 06:37:35PM +0200, Rik van Riel allegedly wrote: > > We haven't talked about this much, but there must be quite > > a lot of things we want to avoid in a secure distribution... > > > > Anyone? > > What about wu-ftpd? Maybe use an alternative (proftpd maybe?) or > run it chrooted. Or anonftpd: ftp://koobera.math.uic.edu/www/anonftpd.html Its main drawback - no user-based FTP or any uploading, simply anonymous downloading. Given that the FTP protocol passes passwords in the clear, I don't actually see this as a drawback. Brian - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:06:03 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:00:39 +0200 Received: from hiway1.exit109.com ([208.225.64.3]:54030 "EHLO hiway1.exit109.com") by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 21:00:10 +0200 Received: from localhost (malice@localhost) by hiway1.exit109.com (8.9.3/8.7.3) with SMTP id PAA10123 for ; Mon, 21 Jun 1999 15:00:06 -0400 (EDT) Date: Mon, 21 Jun 1999 15:00:06 -0400 (EDT) From: Michael Cunningham To: securedistros@humbolt.nl.linux.org Subject: Re: things to avoid In-Reply-To: <19990621203409.A28631@il.fontys.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list I think wu-ftpd running in a change rooted environment should be relatively secure. although its a pain in the butt.. proftp is easier to put in a chrooted environment. Is it gpl? Oh.. one thing I thought about today.. if ya'll are making secure linux distributions.. how do you plan on distributing them? Most people cant ftp a whole distro yet and who is gonna fork over the bucks to make cdroms? Or are some of these secure distros commercial ventures? Mike - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:06:54 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:02:19 +0200 Received: from 3jane.drp.fmph.uniba.sk ([158.195.19.24]:19470 "EHLO 3jane.drp.fmph.uniba.sk") by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 21:01:44 +0200 Received: by 3jane.drp.fmph.uniba.sk via sendmail from stdin id (Debian Smail3.2.0.102) for securedistros@humbolt.nl.linux.org; Mon, 21 Jun 1999 21:08:38 +0200 (CEST) Date: Mon, 21 Jun 1999 21:08:38 +0200 From: Radovan Misovic To: securedistros@humbolt.nl.linux.org Subject: Re: things to avoid Message-ID: <19990621210838.C28944@3jane.drp.fmph.uniba.sk> References: <19990621203409.A28631@il.fontys.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: <19990621203409.A28631@il.fontys.nl>; from M.Brands on Mon, Jun 21, 1999 at 08:34:09PM +0200 X-OS: Linux 3jane 2.2.10 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Mon, Jun 21, 1999 at 08:34:09PM +0200, M.Brands wrote: > What about wu-ftpd? Maybe use an alternative (proftpd maybe?) or > run it chrooted. > AFAIK wu-ftpd was already patched. I use ProFtpd and it seems to be fine to me... rad0 -- raTboy --> radovan misovic --> misovic@st.fmph.uniba.sk +421-905-662334 This is Linux Country. On a quiet night, you can hear Windows NT reboot! - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:14:12 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:10:49 +0200 Received: from charm.il.fontys.nl ([145.85.127.2]:43544 "HELO charm.il.fontys.nl") by humbolt.nl.linux.org with SMTP id ; Mon, 21 Jun 1999 21:10:11 +0200 Received: (qmail 29117 invoked by uid 435); 21 Jun 1999 19:10:03 -0000 Date: Mon, 21 Jun 1999 21:10:03 +0200 From: "M.Brands" To: securedistros@humbolt.nl.linux.org Subject: Re: things to avoid Message-ID: <19990621211003.A29008@il.fontys.nl> References: <19990621203409.A28631@il.fontys.nl> <19990621210838.C28944@3jane.drp.fmph.uniba.sk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: <19990621210838.C28944@3jane.drp.fmph.uniba.sk>; from Radovan Misovic on Mon, Jun 21, 1999 at 09:08:38PM +0200 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Mon, Jun 21, 1999 at 09:08:38PM +0200, Radovan Misovic allegedly wrote: > On Mon, Jun 21, 1999 at 08:34:09PM +0200, M.Brands wrote: > > What about wu-ftpd? Maybe use an alternative (proftpd maybe?) or > > run it chrooted. > > > AFAIK wu-ftpd was already patched. I use ProFtpd and it seems to be fine to > me... I haven't use ProFtpd myself, but I've heard good things about it. I also like the ftp daemon that comes with FreeBSD, but that ones pretty limited. In my opinion wu-ftpd is suffering from feature bloat. Btw. proftpd is gpl-ed. Mathijs - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:22:22 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:20:39 +0200 Received: from hiway1.exit109.com ([208.225.64.3]:8466 "EHLO hiway1.exit109.com") by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 21:20:16 +0200 Received: from localhost (malice@localhost) by hiway1.exit109.com (8.9.3/8.7.3) with SMTP id PAA14502 for ; Mon, 21 Jun 1999 15:20:12 -0400 (EDT) Date: Mon, 21 Jun 1999 15:20:12 -0400 (EDT) From: Michael Cunningham To: securedistros@humbolt.nl.linux.org Subject: Distribution/commercial? In-Reply-To: <19990621210838.C28944@3jane.drp.fmph.uniba.sk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list I think making a secure linux distribution is great and all, but how are people planning on distributing the distro? Who's gonna fork over the bucks for the cdroms? Who's gonna handle mailing them? Are some of these secure distro's commercial projects that have some sorta backing or are we all just wasting our time working on something that most users will never be able to download off the net? Mike - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:30:52 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:29:06 +0200 Received: from oto.gate.net ([199.227.254.133]:2570 "EHLO oto.gate.net") by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 21:28:37 +0200 Received: (from fooz@localhost) by oto.gate.net (8.9.3/8.9.0.Beta3) id PAA01962 for securedistros@humbolt.nl.linux.org; Mon, 21 Jun 1999 15:28:34 -0400 Date: Mon, 21 Jun 1999 15:28:33 -0400 From: Illuminatus Primus To: securedistros@humbolt.nl.linux.org Subject: Re: things to avoid [how to distribute] Message-ID: <19990621152833.A23914@oto.valueweb.net> References: <19990621203409.A28631@il.fontys.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: ; from Michael Cunningham on Mon, Jun 21, 1999 at 03:00:06PM -0400 Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list +----[ On Mon, Jun 21, at 03:00PM(-0400), Michael Cunningham wrote: ]-------------- | Oh.. one thing I thought about today.. if ya'll are making | secure linux distributions.. how do you plan on distributing | them? Most people cant ftp a whole distro yet and who is | gonna fork over the bucks to make cdroms? Or are some of these | secure distros commercial ventures? I think it would be simple enough to publish a few ISO images onto an FTP site and rely on people like cheapbytes.com to mint the CDs and sell them (for a VERY reasonable cost, too). For people that don't want or can't afford CDs, over-the-net install works very well, too. The "infinite cookie" concept, as RMS puts it.. very low-cost information distribution. While we're on this topic, I'd like to say I'm very annoyed every time I see a new distribution, each one seeming to reinvent the wheel and come out with it's own package format. Is it too much to ask that this time the distribution be based on existing work, like Redhat or (better yet) Debian? If this is the path that is taken, lots of credit should be given, of course. Then again, why does this have to involve a new distribution? I think the maintainers of Debian would be more than happy to cooperate with a secure-linux effort. If someone successfully recompiled a package to use a more secure paradigm, the Debian folks would probably integrate it into their system as soon as they could get their hands on it. Debian is all about progress.. they pretty much reinvent core aspects of their distrib as needed with each release. As they say on the linux-kernel list (paraphrased), it's now time for less talk and more code.. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:36:51 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:32:43 +0200 Received: from animaniacs.conectiva.com.br ([200.203.180.2]:33597 "EHLO animaniacs.conectiva.com.br") by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 21:31:30 +0200 Received: from freak.conectiva (freak.conectiva [192.168.255.195]) by animaniacs.conectiva.com.br (8.9.1a/8.9.1) with ESMTP id QAA04504 for ; Mon, 21 Jun 1999 16:31:31 -0300 Date: Mon, 21 Jun 1999 16:36:05 -0300 (EST) From: Marcelo Tosatti X-Sender: marcelo@freak.conectiva To: securedistros@humbolt.nl.linux.org Subject: Re: Distribution/commercial? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Mon, 21 Jun 1999, Michael Cunningham wrote: > I think making a secure linux distribution is great and all, > but how are people planning on distributing the distro? > Who's gonna fork over the bucks for the cdroms? I think someone already handled this. And IMHO the big point is not "selling cd's", but making a distro where popular (redhat, debian, slackware, etc...) distro can base its security. > Who's gonna handle mailing them? Are some of these secure distro's > commercial projects that have some sorta backing or > are we all just wasting our time working on something > that most users will never be able to download off the net? > > Mike - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 21:49:42 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 21:47:46 +0200 Received: from jungle.hitrust.net ([206.105.234.98]:21606 "EHLO jungle.hitrust.net") by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 21:47:19 +0200 From: vf@jungle.hitrust.net Message-Id: <199906211946.PAA08864@hotmail.com> Subject: Re: Distribution/commercial? To: securedistros@humbolt.nl.linux.org Date: Mon, 21 Jun 1999 15:46:54 -0400 (AST) Cc: sales@cheapbytes.com In-Reply-To: from "Michael Cunningham" at Jun 21, 99 03:20:12 pm X-Mailer: ELM [version 2.4 PL25 PGP8] MIME-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list > > I think making a secure linux distribution is great and all, > but how are people planning on distributing the distro? > Who's gonna fork over the bucks for the cdroms? Who's gonna > handle mailing them? Are some of these secure distro's > commercial projects that have some sorta backing or > are we all just wasting our time working on something > that most users will never be able to download off the net? Mike, I've enjoyed buying CDs from http://www.cheapbytes.com for almost nothing and hope they can handle this distro as well. Vadim Fedukovich - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@humbolt.nl.linux.org Mon Jun 21 23:00:04 1999 Received: by humbolt.nl.linux.org id ; Mon, 21 Jun 1999 22:58:23 +0200 Received: from attic.replay.com ([192.87.30.19]:9032 "EHLO attic.replay.com") by humbolt.nl.linux.org with ESMTP id ; Mon, 21 Jun 1999 22:57:52 +0200 Received: (from usura@localhost) by attic.replay.com (8.9.2/8.9.2/Replay Associates) id WAA10594; Mon, 21 Jun 1999 22:58:03 +0200 (CEST) From: Alex de Joode Message-Id: <199906212058.WAA10594@attic.replay.com> Subject: Re: Distribution/commercial? To: securedistros@humbolt.nl.linux.org Date: Mon, 21 Jun 1999 22:58:02 +0200 (CEST) Cc: sales@cheapbytes.com In-Reply-To: <199906211946.PAA08864@hotmail.com> from "vf@jungle.hitrust.net" at Jun 21, 99 03:46:54 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-securedistros@humbolt.nl.linux.org Precedence: bulk Reply-To: securedistros@humbolt.nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list > > > > > I think making a secure linux distribution is great and all, > > but how are people planning on distributing the distro? > > Who's gonna fork over the bucks for the cdroms? Who's gonna > > handle mailing them? Are some of these secure distro's > > commercial projects that have some sorta backing or > > are we all just wasting our time working on something > > that most users will never be able to download off the net? > > Mike, > > I've enjoyed buying CDs from http://www.cheapbytes.com > for almost nothing and hope they can handle this distro as well. > The secure dist