[Cialug] Fedora Core 3 SELinux
Stephen Hawkins
cialug@cialug.org
Tue, 15 Mar 2005 09:49:35 -0600
Tom,
On Tuesday 15 March 2005 09:19, Dave Weis wrote:
> On Tue, 15 Mar 2005, Tom Pohl wrote:
> > I'm installing my first FC3 box (*gasp*). Are there any Security
> > Enhanced Linux (SELinux) experts out there?
I'm not sure of how much of an expert I am, probably not much, and you may be
after information other than this, but to start learning about locking down
my RH box, I went to this website:
http://www.sns.ias.edu/~jns/security/iptables/
I learned a lot about iptables there (I am still learning about iptables and
his script) and installed the script that he has on his website. I then,
over a period of time, changed it here and there to accommodate things I was
using that were blocked by the iptables script. His script locks things up
pretty tight. Things like NTP and Linksysmon stopped working and I had to
fool with the script to make them work. Anyhow that is a good place to
start. Depending on what flavor of Linux distro you have,
/usr/sbin/iptables -L
should show you what rules you are living with now. Save the file that
creates them, before you start making any changes. After you look at the
website, and what you have now, you may decide that you don't want to change
anything. There are two versions on his web site. The old iptables script
of rules is easier to understand, for me anyway, than the new shell script
that sets everything up.
Hope this helps,
Steve
--
73 49 111 01001001
Stephen Hawkins NG0G
ng0g@arrl.net