suicideducky Apprentice
Joined: 29 Jan 2007 Posts: 208
Posted: Wed Apr 22, 2009 11:01 pm Post subject: Getting to grips with securing Linux
Hey all,
so for a while I have had an interest in security within a Linux system and I would like to know more,
get down to securing up a box, penetration testing and really get knowledgeable about security related matters.
I have been using Linux for quite some time now, 5 years, 3 of them solid, I have mucked around with LFS a few times, Gentoo and Archlinux. I have played with many other Linux systems but those last two are the ones I feel I really got to "know".
A few things within Linux I feel I do not know the best are the kernel, ALSA and security. The first two I have briefly touched on when needed (patching, compiling, configuring etc.) but as for the last I have barely touched it (other than pubkey crypto and that kind of stuff).
I think it would be useful to have a dedicated box running probably Gentoo or Archlinux and secure it up as much as humanly possible and then go all out on it, and I have two spare (see: old) laptops available for this purpose.
But before this is possible, I need to learn how. I have been programming in Python for a while now and am in the process of learning C++, also am studying for my Net+ and have touched base with Sec+ and some CEH before but I feel neither of them really prepare me for what I would like to do, that is get into Linux security specifically.

think4urs11 Bodhisattva
Joined: 25 Jun 2003 Posts: 6659 Location: above the cloud
Posted: Wed Apr 22, 2009 11:11 pm Post subject:
you may want to take a look at Best way to secure systems and networks to get some ideas and keywords about the various possible aspects.
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself

suicideducky Apprentice
Joined: 29 Jan 2007 Posts: 208
Posted: Wed Apr 22, 2009 11:21 pm Post subject:
Thank you very much XD
I'm also looking through the Gentoo security docs and some old Red Hat one >.<

cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
Posted: Thu Apr 23, 2009 5:34 am Post subject:
that thread owns. many thanks. May add a thing or two on the apache end.
I need to poke around and find a decent LUKS howto. Been meaning to do that for ages.

suicideducky Apprentice
Joined: 29 Jan 2007 Posts: 208
Posted: Thu Apr 23, 2009 8:46 am Post subject:
So far all I've gotten to doing is changing sudo from allowing all wheel to requiring password,
made it so only users in the wheel group can use su,
password protected grub (stored as an md5 hash),
and set up a basic iptables firewall.
I was considering encrypting my drive but in the end decided against it as I don't think I would learn much from it, and it would not add any more security from the network pentesting side but I may still do it "just for fun" at some point haha
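The three file-based settings listed in the post above (sudo for wheel, su limited to wheel, a hashed GRUB password) can be checked with a short script; this is an added example, not part of the thread, and it does not cover the iptables rules. It assumes su is restricted through `pam_wheel.so` and that the boot loader is GRUB legacy with its `password --md5` directive, neither of which the post states; the function names and sample files are constructed.

```shell
#!/bin/sh
# Added example: audit the sudo, su and GRUB settings described in the post.
# File paths are parameters so the checks can be run against copies.

# Print only active lines (drop comments and blank lines).
active() { grep -Ev '^[[:space:]]*(#|$)' "$1"; }

# Pass if a %wheel rule exists and no active %wheel rule carries NOPASSWD.
sudo_wheel_needs_password() {
    active "$1" | grep -Eq '^[[:space:]]*%wheel[[:space:]]' || return 1
    ! active "$1" | grep -E '^[[:space:]]*%wheel[[:space:]]' | grep -q 'NOPASSWD'
}

# Pass if su's PAM stack has an active "auth required pam_wheel.so" line
# (assumption: this is how su was limited to the wheel group).
su_restricted_to_wheel() {
    active "$1" | grep -Eq '^[[:space:]]*auth[[:space:]]+required[[:space:]]+pam_wheel\.so'
}

# Pass if the GRUB legacy config has "password --md5 <hash>"; a plain-text
# or missing password directive fails.
grub_password_hashed() {
    active "$1" | grep -Eq '^[[:space:]]*password[[:space:]]+--md5[[:space:]]+[^[:space:]]+'
}

# usage: audit SUDOERS PAM_SU GRUB_CONF; returns the number of failed checks.
audit() {
    fails=0
    sudo_wheel_needs_password "$1" || { echo "FAIL: wheel sudo rule missing or NOPASSWD"; fails=$((fails + 1)); }
    su_restricted_to_wheel "$2"    || { echo "FAIL: su is not limited by pam_wheel"; fails=$((fails + 1)); }
    grub_password_hashed "$3"      || { echo "FAIL: no hashed GRUB password"; fails=$((fails + 1)); }
    echo "$fails check(s) failed"
    return "$fails"
}

# Constructed sample files (not taken from the thread) for a stand-alone run.
demo_dir=$(mktemp -d)
printf '%s\n' 'root ALL=(ALL) ALL' '# %wheel ALL=(ALL) NOPASSWD: ALL' '%wheel ALL=(ALL) ALL' > "$demo_dir/sudoers"
printf '%s\n' 'auth sufficient pam_rootok.so' 'auth required pam_wheel.so use_uid' > "$demo_dir/su"
printf '%s\n' 'default 0' 'password --md5 $1$CONSTRUCTED$placeholderhashvalue' > "$demo_dir/grub.conf"
audit "$demo_dir/sudoers" "$demo_dir/su" "$demo_dir/grub.conf"
```

On a real system the three arguments would be copies of the sudoers file, the PAM configuration for su, and the GRUB legacy configuration file.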
monsm Guru
Joined: 26 Sep 2007 Posts: 467 Location: London, UK
Posted: Thu Apr 23, 2009 1:57 pm Post subject:
One of my friends who's into IT security uses this live-CD based distro for security testing. According to him it contains all the tools you want.
http://www.remote-exploit.org/backtrack.html
Mons

cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
Posted: Thu Apr 23, 2009 6:58 pm Post subject:
have used backtrack, and is quite a nifty tool - i keep a thumb drive with BT3 on my keychain!
there's another one based upon gentoo called "pentoo", but it hasn't had a release since 2006 IIRC

suicideducky Apprentice
Joined: 29 Jan 2007 Posts: 208
Posted: Thu Apr 23, 2009 8:54 pm Post subject:
Thanks guys for the recommendations, but I have used both Pentoo and Backtrack, and at some point PHLAK and Knoppix STD and nUbuntu.
All of those distros merely contain tools that do all the work for you, I would like to understand things, or at least learn what to do, I mean sure I can boot nUbuntu right now and do a port scan with nmap etc. But that does not make me any smarter, it does not teach me how it works, or even what to do next.
Thanks,
Ducky.