[Cialug] Fedora Core 3 SELinux

Dan Wittenberg cialug@cialug.org
Tue, 15 Mar 2005 10:18:41 -0600


While iptables is helpful, he was actually wondering about selinux which
is completely different - just FYI.

Dan

On Tue, 2005-03-15 at 09:49, Stephen Hawkins wrote:
> Tom,
> 
> On Tuesday 15 March 2005 09:19, Dave Weis wrote:
> > On Tue, 15 Mar 2005, Tom Pohl wrote:
> > > I'm installing my first FC3 box (*gasp*).  Are there any Security
> > > Enhanced Linux (SELinux) experts out there?
> 
> I'm not sure of how much of an expert I am, probably not much, and you may be 
> after information other than this, but to start learning about locking down 
> my RH box, I went to this website:
> 
> http://www.sns.ias.edu/~jns/security/iptables/
> 
> I learned a lot about iptables there (I am still learning about iptables and 
> his script) and installed the script that he has on his website.  I then, 
> over a period of time, changed it here and there to accommodate things I was 
> using that were blocked by the iptables script.  His script locks things up 
> pretty tight.  Things like NTP and Linksysmon stopped working and I had to 
> fool with the script to make them work.  Anyhow that is a good place to 
> start.  Depending on what flavor of linux distro you have,
> 
> /usr/sbin/iptables -L
> 
> should show you what rules you are living with now.  Save the file that 
> creates them, before you start making any changes.  After you look at the 
> website, and what you have now, you may decide that you don't want to change 
> anything.  There are two versions on his web site.  The old iptables script 
> of rules is easier to understand, for me anyway, than the new shell script 
> that sets everything up.
> 
> Hope this helps,
> Steve