The manuals I would look at are the RHEL 4 SELinux documentation:
http://www.redhat.com/docs/manuals/ente ... nux-guide/
http://www.nsa.gov/selinux/info/docs.cfm
and the GRSEC docs
www.grsecurity.net/quickstart.pdf
http://www.grsecurity.net/wiki/index.php
Both systems are available in the ASL kernel, and have some extremely powerful security features. In the 2.6.18 kernel release Im working on right now, I'm planning on expanding the process ACL system in GRSEC to enforce much tighter controls on kernel modules, and the way the apache user can interact with the system, as well as include a basic "security posture" configuration module to give you feedback on what your security posture really is. Ideally I'd like to combine this with some basic auditing (ie, tell you safe_mode is on/off, scary php settings, etc) during the configuation mode. Last but not least, I want to get the Xen server virtualization system into 2.6.18.
mod_security is the other big component, and mike is working on getting the rules converted over to the 2.0 format. Once that is complete, we're planning on including a rule updater, and support for integration with our "known-attacker" RBL. Docs for mod_security are available here:
http://www.modsecurity.org/documentation/index.html
Login
Register
FAQ
Search
