On Fri, Dec 27, 2002 at 01:01:09PM -0200, Gustavo Franco wrote: > And please Javi, check it too: > http://www.mandrakesecure.net/en/docs/msec.php I've taken a (brief) look at msec. It seems that it is divided into two different functionalities: - security checks, written in shell scripts and run through cron. - security hardening scripts, written in python and run when the user sets the security level. Some of the hardening stuff is _also_ done on system bootup (this time through shell scripts in init.d) I believe the first part is similar to the checks we already discussed (Tiger, OpenBSD's and SUSE's) whileas the second part is roughly similar to what Bastille does (albeit different). One of the things I think might be nice for end-users is to have four different security levels. Novice admins might find it easy to set the configuration based on a level 0 (nothing) to 4 (paranoid). That's one idea that I migh bring to the Tiger package (which currently installs in 'paranoid', i.e. all security checks enabled, mode). I'll have to take a look at all the checks (one by one) in order to determine if some of them could be included into Tiger. After all, they are all GPLd. I will also try contact the main author to discuss some issues with him. As soon as I have a list of checks that msec provides that Tiger doesn't yet I will post it. Regards Javi
Attachment:
pgpw6CxkKyXdr.pgp
Description: PGP signature