Re: [expert] Fwd: Installation classes and security levels
On Wednesday 10 January 2001 02:51, you wrote: No answers? I sure was hoping for more than the brief description of Mandrake's Server vs. Workstation vs. Developer class installation. And what exactly is paranoid security, or high, or welcome crackers for that matter? Oh well, just guessing I guess I'll do a Developement install with welcome crackers security level then harden the box myself the old fashioned way or with Bastille. Hmmm, well, high security has a little program running around changing things you might make world-writable to some other setting--read the logs for details. The same changes to the system that generate warnings at medium security cause actions at high. You cannot run update easily also with High, and login as root isn't permitted; you have to login as a user and su to root With paranoid security, nothing is started by default. You have to initiate the services you want, and the security program will bother you a lot unless you put most services in chroot jails. Low Security has Passwords, and might be similar to most distros out of the box. This would be a good beginning for hardening the box yourself. Poor Security has none, but does identify users Welcome to Crackers might be difficult to harden. The one time I installed that, I did not notice the concept of users as part of the repertoire. Civileme --- Charles Baker [EMAIL PROTECTED] wrote: Date: Tue, 9 Jan 2001 10:08:48 -0800 (PST) From: Charles Baker [EMAIL PROTECTED] Subject: Installation classes and security levels To: [EMAIL PROTECTED] Is there a breakdown of exactly what you get with the various Mandrake installation classes and security levels? I'm interested in setting up a server with Apache, PostgresQL, Tomcat, OpenSSH, a JDK and perhaps a minimal X install and/or VNC to tunnel through ssh so my less linux savvy partner can do some work remotely. Thanks for any tips and pointers. = - [EMAIL PROTECTED] Hacking is a "Good Thing!" See http://www.tuxedo.org/~esr/faqs/hacker-howto.html __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ = - [EMAIL PROTECTED] Hacking is a "Good Thing!" See http://www.tuxedo.org/~esr/faqs/hacker-howto.html __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/
Re: [expert] Fwd: Installation classes and security levels
Thanks, someone else sent me a postscript document with a very detailed description of the differing security levels. --- civileme [EMAIL PROTECTED] wrote: On Wednesday 10 January 2001 02:51, you wrote: No answers? I sure was hoping for more than the brief description of Mandrake's Server vs. Workstation vs. Developer class installation. And what exactly is paranoid security, or high, or welcome crackers for that matter? Oh well, just guessing I guess I'll do a Developement install with welcome crackers security level then harden the box myself the old fashioned way or with Bastille. Hmmm, well, high security has a little program running around changing things you might make world-writable to some other setting--read the logs for details. The same changes to the system that generate warnings at medium security cause actions at high. You cannot run update easily also with High, and login as root isn't permitted; you have to login as a user and su to root With paranoid security, nothing is started by default. You have to initiate the services you want, and the security program will bother you a lot unless you put most services in chroot jails. Low Security has Passwords, and might be similar to most distros out of the box. This would be a good beginning for hardening the box yourself. Poor Security has none, but does identify users Welcome to Crackers might be difficult to harden. The one time I installed that, I did not notice the concept of users as part of the repertoire. Civileme --- Charles Baker [EMAIL PROTECTED] wrote: Date: Tue, 9 Jan 2001 10:08:48 -0800 (PST) From: Charles Baker [EMAIL PROTECTED] Subject: Installation classes and security levels To: [EMAIL PROTECTED] Is there a breakdown of exactly what you get with the various Mandrake installation classes and security levels? I'm interested in setting up a server with Apache, PostgresQL, Tomcat, OpenSSH, a JDK and perhaps a minimal X install and/or VNC to tunnel through ssh so my less linux savvy partner can do some work remotely. Thanks for any tips and pointers. = - [EMAIL PROTECTED] Hacking is a "Good Thing!" See http://www.tuxedo.org/~esr/faqs/hacker-howto.html __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ = - [EMAIL PROTECTED] Hacking is a "Good Thing!" See http://www.tuxedo.org/~esr/faqs/hacker-howto.html __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ = - [EMAIL PROTECTED] Hacking is a "Good Thing!" See http://www.tuxedo.org/~esr/faqs/hacker-howto.html __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/
Re: [expert] Fwd: Installation classes and security levels
On Wednesday 10 January 2001 05:56 am, you wrote: Thanks, someone else sent me a postscript document with a very detailed description of the differing security levels. That postscript doc sounds interesting, would you or the author be willing to pass a copy on to me as well? -- Matthew Micene A host is a host from coast to coast, Systems Development Managerand no one will talk to a host too close Express Search Inc.Unless the host that isn't close www.ExpressSearch.com is busy, hung or dead
Re: [expert] Fwd: Installation classes and security levels
Matthew Micene wrote: On Wednesday 10 January 2001 05:56 am, you wrote: > Thanks, someone else sent me a postscript document > with a very detailed description of the differing > security levels. That postscript doc sounds interesting, would you or the author be willing to pass a copy on to me as well? Every copy of Mandrake-Linux come with full documentation. It's on the distribution cd. Look in /usr/share/doc/msec-0.xx You will find the file msec.ps here also. Also general information is provided in the Mandrake User Guide and Reference Guide. Sword'sEdge VoiceMail/Fax: (858) 860-6406 x1587
RE: [expert] Fwd: Installation classes and security levels
actually put it on an ftp server! i'd love to see that! matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Matthew Micene Sent: Wednesday, January 10, 2001 9:42 AM To: [EMAIL PROTECTED] Subject: Re: [expert] Fwd: Installation classes and security levels On Wednesday 10 January 2001 05:56 am, you wrote: Thanks, someone else sent me a postscript document with a very detailed description of the differing security levels. That postscript doc sounds interesting, would you or the author be willing to pass a copy on to me as well? -- Matthew Micene A host is a host from coast to coast, Systems Development Managerand no one will talk to a host too close Express Search Inc.Unless the host that isn't close www.ExpressSearch.com is busy, hung or dead
Re: [expert] Fwd: Installation classes and security levels
Well, I had installed from ftp not a CD. Plus, I didn't even know the name of the security package until I got the msec.ps. Oh well, I know where to look now. --- Larry Sword [EMAIL PROTECTED] wrote: Matthew Micene wrote: On Wednesday 10 January 2001 05:56 am, you wrote: Thanks, someone else sent me a postscript document with a very detailed description of the differing security levels. That postscript doc sounds interesting, would you or the author be willing to pass a copy on to me as well? Every copy of Mandrake-Linux come with full documentation. It's on the distribution cd. Look in /usr/share/doc/msec-0.xx You will find the file msec.ps here also. Also general information is provided in the Mandrake User Guide and Reference Guide. Sword'sEdge VoiceMail/Fax: (858) 860-6406 x1587 = - [EMAIL PROTECTED] Hacking is a "Good Thing!" See http://www.tuxedo.org/~esr/faqs/hacker-howto.html __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/
