In this tutorial I am going to explain how to build a Linux security wall that can beat Windows ISA Server in security level. The main idea is really simple. Basically, we are going to make a small Linux server that is security-based.
What we need:
- Low Power
- Full Control
- Security
- Nearly free
First Setup:
Well, first we want to make a small low-power system. I bought a Mini-ITX; a friend of mine used a Nano-ITX system. The system you use is not really important, as long as it has two network cards. What is really useful is to label the ports with their Linux interface names, like eth0 / eth1. A small sticker will make it easier for you to set up your system. For me, eth0 is WAN and eth1 is LAN.
We want a system that gives us full control. We are going to use Gentoo Linux. Just install the basic system and after that install the Hardened Linux system, so basically you install SELinux at the beginning. Do not install ANYTHING you don't really need.
Setup a Basic System:
Well, first install iptables and OpenSSH. Iptables is going to be our firewall.
Set it so that SSH is only allowed from the LAN side, and NOT from the WAN side for the open world. If you DO want to use SSH from outside, then set iptables so that you can only connect from your HOME IP. NOT and NEVER for the ENTIRE world. Well, now you have set up OpenSSH and iptables.
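One way to write the SSH rule described above, as an added example that is not part of the original tutorial: the script prints an iptables-restore ruleset that accepts SSH on the LAN interface and, optionally, from one home IP on the WAN. The eth0/eth1 roles come from the tutorial; the address 203.0.113.10 and the file names are made-up placeholders.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for the SSH policy above.
# Assumed from the tutorial: eth0 = WAN, eth1 = LAN. The home IP is yours to supply.
WAN_IF="eth0"
LAN_IF="eth1"

# Accept only a single dotted-quad host address, so a typo or a range such as
# 0.0.0.0/0 can never open SSH to the whole internet.
valid_host_ip() {
    case "$1" in
        ""|.*|*.|*[!0-9.]*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
    [ "$1" -ne 0 ]
}

# Print the ruleset. $1 is the optional home IP; empty means no SSH from the WAN.
# FORWARD is left at DROP: routing/NAT rules for LAN clients are not covered here.
gen_rules() {
    home_ip=$1
    if [ -n "$home_ip" ] && ! valid_host_ip "$home_ip"; then
        echo "refusing invalid home IP: $home_ip" >&2
        return 1
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
EOF
    if [ -n "$home_ip" ]; then
        printf '%s\n' "-A INPUT -i $WAN_IF -s $home_ip/32 -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
    fi
    cat <<EOF
-A INPUT -i $WAN_IF -p tcp --dport 22 -m limit --limit 6/min -j LOG --log-prefix "ssh-wan-drop: "
COMMIT
EOF
}

# Usage: sh ssh-rules.sh --print 203.0.113.10 > rules.v4   (constructed sample IP)
if [ "${1:-}" = "--print" ]; then gen_rules "${2:-}"; fi
```

Review rules.v4 first, then load it as root with iptables-restore < rules.v4.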
IDS:
After that, we want to set up an IDS and a configuration system.
Well, a GREAT IDS is Snort, so install Snort now. The Snort configuration is really hard, so what we are going to do is install a GUI for it that makes managing Snort a piece of cake. The best one I have found is BASE. BASE is in Gentoo's Portage system, so just install it now, and install Apache as well of course.
DO NOT RUN port 80 on the outside. Only on the WAN side.
You probably want to have the power to stop people from accessing certain web pages.
Proxy:
And you want a proxy. The best proxy system is Squid. Installing Squid is really easy: just install it using Portage and then set up the config. The config of Squid is REALLY easy. Using Google should tell you enough to set up Squid. Using man might also work.
Almost Done:
So, now we have a firewall, IDS and proxy system secured by SELinux. So, what do we want next from this? We might want to set up a system that can automatically check for exploits on the system.
Auto-Exploiter:
I built such a system a while ago, and I attached it to this tutorial. Just download it and install it in /home/$USER/exploit. The big idea is: first update, THEN check. If an error is found, downgrade or send a message to the administrator.
Well, let's write a Bash script for it:
Just put that in as a cron task.
Code:
emerge --sync ; emerge -vUn world ; sh /home/$USER/exploit/run-everything
Secure login:
Well, we want to secure the login of the box a lot more.
Since we are scared our root password is going to get bashed, we are going to install Steve Gibson's Perfect Paper Passwords. Read https://www.grc.com/ppp.htm for more information. There is a PAM login for PPP. Here it is: ppp-pam - Google Code
Honey Potting:
Install that. Now, in case the network gets hacked from the inside: what if we confuse them SO much that they have no idea what the network is? And by the time they DID find out how the network works, you have already busted them. This system is called honeypotting. Let's install HoneyD and make the hackers confused.

