[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Intent to Investigate/ITP: SuSE-provided security tools

I intend to investigate, adapt, and package those (legally and
technically) Debian-usable parts of this collection, recently
announced by SuSE.  If anyone else is (or is interested in) 
working on any of these, please let me know.

>Message-Id: <19991126222210.37C7667BE@Galois.suse.de>
>Date: Fri, 26 Nov 1999 23:22:10 +0100 (MET)
>From: marc@suse.de (Marc Heuse)
>To: linux-security@redhat.com
>Subject: [linux-security] SuSE Security Announcement - new security tools
>Tools developed by SuSE (all open source) and included in SuSE 6.3 :
>SuSE FTP Proxy - The first program of the SuSE Proxy Suite.
>                 A secure FTP proxy with support for SSL, LDAP, command
>                 restriction, active and passive FTP support, and much more.
>                 RPM: fwproxy.rpm, fwproxys.rpm (SSL - not in the US version)
>SuSE Firewall  - The new firewall script from SuSE, rewritten from scratch.
>                 Autodetection of interface information, masquerading,
>                 autoprotection of services, protection from internal
>                 networks, fail-close design and easy to configure.
>                 RPM: firewals.rpm
>Harden SuSE    - A special script for hardening a SuSE Linux 5.3 - 6.3.
>                 By answering 9 questions, the system is reconfigured very
>                 tightly. e.g. disabling insecure network services, removing
>                 suid/sgid/world-writable permissions which are not critical.
>                 RPM: hardsuse.rpm
>SuSE Secumod   - This loadable kernel module enhances the security of the 
>                 system by adding a symlink/hardlink/pipe protection,
>                 procfs protection, trusted path execution and capabilities.
>                 RPM: secumod.rpm
>SuSE Secchk    - These are cron scripts which run daily, weekly and monthly
>                 to check the security of the system and compare them to the
>                 last run.
>                 RPM: seccheck.rpm
>Yast-1         - New administration menu for setting password aging,
>                 authentication fail delay and logging of logins + failures.
>                 RPM: yast.rpm
>SuSE auditdisk - Please note that this tool is in beta phase!
>                 This tool generates a bootdisk with checksum data and all
>                 binaries etc. needed to automaticaly verify file checksums
>                 upon booting. This way it can't be subverted by lkm's like a
>                 standard e.g. tripwire installation.
>                 WWW: http://www.suse.de/~marc - not included on SuSE 6.3 yet
>Watch out for updates of these tools on our WWW or FTP update sites.
>Although these are tools developed by SuSE, they (should) work on any Linux
>distributions with little problems.

Reply to: