System Hardening Packages


The following are some of the security-related packages included with SLES 9:

  • AIDE: The Advanced Intrusion Detection Environment is a tool that checks file integrity.

  • Arpwatch: This tool keeps track of MAC-IP address pairings by monitoring ARP traffic; it can report detected changes via syslog and email.

  • Bastille: This security hardening tool runs in both interactive and automated modes; it replaces the harden_suse script that was previously included with SLES 8.

  • Ethereal: This is an excellent packet sniffer and decoder.

  • IPTraf: This tool is a console-based network statistics reporting utility.

  • John the Ripper: This tool detects weak passwords.

  • ippl: This IP protocol logger tracks incoming ICMP messages, TCP connections, and UDP datagrams.

  • Logsurfer: This tool allows log files to be monitored, and when a predefined event is encountered, an action (such as an email alert) can be triggered.

  • mon: This tool monitors the availability of network services.

  • Nagios: Similar to mon, this tool performs periodic checks on the availability of hosts and services; for more information, visit http://www.nagios.org.

  • Nessus: This excellent security scanner can test for and report on more than 900 known weaknesses.

  • nmap: This tool scans a host and reports on open ports.

  • SAINT: The Security Administrator's Integrated Network Tool is an enhanced version of the network security vulnerability scanner, SATAN (Security Administrator's Tool for Analyzing Networks).

  • scanlogd: This daemon can detect and log port scans that are directed at its host.

  • seccheck: This security-checking script can be executed periodically via cron and reports results via email.

  • Snort: This excellent packet sniffer can also be used as a lightweight network intrusion detection system.

  • tcpd: This tool provides the tcp_wrapper software that inetd/xinetd can use to secure the network services (such as telnet and finger) that they manage.

  • Tripwire: This application can monitor filesystems and report on detected changes.

Of all the listed packages, only tcpd (and thus tcp_wrapper) is installed by default as part of the basic runtime system. Most of the other packages are installed when you select and install the Productivity/Security package group using YaST. Some packages, such as Ethereal, are listed under Network/Security instead.



    SUSE LINUX Enterprise Server 9 Administrator's Handbook
    ISBN: 067232735X
    EAN: 2147483647
    Year: 2003
    Pages: 134
