Security Basics mailing list archives
Re: Comparing linux distros.
From: Ankush Kapoor <everbeeninlove () gmail com>
Date: Sun, 27 Feb 2005 06:25:10 +0530
You can try out GFI's LanGuard to "nmap" them. Some of the results given by this product don't appear on Nessus scans. Priviledged files should be easy to find, a simple find / -perm +4000 or something like that should give you files that you should keep your eyes on. I don't know much about the others, but redhat's FC3 screws up things well and proper in someways. I mean, it does "secure" things in a way, but IFS, SUID etc don't always work the way they should. I discovered that while developing a wargames server recently. An out-of-the-box configuration is somewhat ambiguous in the sense that often you come across suggestions you dont heed. Like the famous "linux single" directive on lilo, or its equivalent in grub. You could probably also look up on how many vulnerabilities come out for the applications installed by default for each of the distributions. That should give you some idea regarding how bad is what! No trivial task though! all the best regards Ankush Kapoor On Tue, 22 Feb 2005 15:22:24 +0100, Lars Georg Paulsen <maillist () braindead nu> wrote:
Hi list. I'v just started on my bachlor paper. It's about comparing 4 different linux distros (debian, slack, mandrake, fedora). I'm going to have a look at how well the diffent system are protected. All distro's are going to be installed with default settings, so they should almost be at the same level. I would like to test how well they are secured out-of-the-box. Both from remote and from local consoll. What I have set up to now; - Port scanning; I would like to do a portscan (using nmap) Maping service that are running as default on every distro. Check if any of the distro have any default settings for logging such activites. trough out /var/log/* or any where els. Also using the -O -v flag for nmap so I can get information about TCP sequence prediction, and IPID sequence generation. - Nessus vun. test; Run a test just to check the results, compared to what I'v got from nmap. - Local file security; I'v notice that on some box's there are special commands, ex, ' /bin/ping '. Are the other program that you would like to check priviliges to? and what about normal users reading system files, configures settings under /etc/* , any viewpoints? The hole point for my bachlors paper is comparing the 4 distro's up agains eachother. Bare in mind, this is just a small part of the hole bachlor paper, so I don't want to go all the way to the bottom. Any suggestions? on what do you guys think I should include?, or drop out... thanks in advance. cheers Lg -- Lars Georg Paulsen <maillist () braindead nu>
Current thread:
- Re: Comparing linux distros. Alvin Oga (Feb 28)
- <Possible follow-ups>
- Re: Comparing linux distros. Ankush Kapoor (Feb 28)
- RE: Comparing linux distros. Maciej Bonin (Feb 28)