Check out .....
AppArmor
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/AppArmor
AppArmor ("Application Armor") is a security module for the Linux kernel,
released under the GNU General Public License. From 2005 through September
2007, AppArmor was maintained by Novell. AppArmor allows the system
administrator to associate with each program a security profile that
restricts the capabilities of that program. It supplements the traditional
Unix discretionary access control (DAC) model by providing mandatory access
control (MAC). It was included as of the 2.6.36 version of the mainline
Linux kernel.
In addition to manually specifying profiles, AppArmor includes a learning
mode, in which violations of the profile are logged, but not prevented. This
log can then be turned into a profile, based on the program's typical
behavior.
AppArmor is implemented using the Linux Security Modules (LSM) kernel
interface.
AppArmor is offered in part as an alternative to SELinux, which critics
consider difficult for administrators to set up and maintain.[1] Unlike
SELinux, which is based on applying labels to files, AppArmor works with
file paths. Proponents of AppArmor claim that it is less complex and easier
for the average user to learn than SELinux.[2] They also claim that AppArmor
requires fewer modifications to work with existing systems:[citation needed]
for example, SELinux requires a file system that supports "security labels",
and thus cannot provide access control for files mounted via NFS. AppArmor
is file system-neutral.
---------
Case Harden Linux Security
Posted by Linux Ducks on November 1, 2010 at 9:52 PM comments (0)
http://linuxducks.webs.com/apps/blog/show/5216825-case-harden-linux-security
I would like to post for windows users security doubters one simple security
ware idea available for Linux, and invite you to read the product
description as available security to really "case harden" your Linux....
AppArmor description
http://linux.softpedia.com/get/Security/
Linux application security framework
AppArmor is a software that gives you network application security via
mandatory access control for programs, protecting against the exploitation
of software flaws and compromised systems.
AppArmor is an effective and easy-to-use Linux application security system.
AppArmor proactively protects the operating system and applications from
external or internal threats, even zero-day attacks, by enforcing good
behavior and preventing even unknown application flaws from being exploited.
AppArmor security policies completely define what system resources
individual applications can access, and with what privileges. A number of
default policies are included with AppArmor, and using a combination of
advanced static analysis and learning-based tools, AppArmor policies for
even very complex applications can be deployed successfully in a matter of
hours.
What's New in This Release: [ read full changelog ].....
--------------------------------------------------
From: "novicegeek" <acss82@yahoo.co.uk>
Sent: Thursday, March 17, 2011 9:34 AM
To: <LINUX_Newbies@yahoogroups.com>
Subject: [LINUX_Newbies] What are the basic components in a typical Linux
network?
I know what some people will say. Linux has absolute flexibility in its
network. You can put just about anything in it. It also does not really have
a domain controller, etc.
However, if we were to set up our own Linux network, what are the basic
components we need? In a Window network, we need a domain controller with
Active Directory installed.
What do we need for Linux? What exactly are the necessary components we need
for a Linux network?
I think we need at least an OpenLDAP, don't we? And also some servers. What
are the other stuff to make a good Linux network? I am a newbie in this.
Thanks.
Thursday, March 24, 2011
Re: [LINUX_Newbies] What are the basic components in a typical Linux network?
__._,_.___
To unsubscribe from this list, please email LINUX_Newbies-unsubscribe@yahoogroups.com & you will be removed.
MARKETPLACE
.
__,_._,___
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment