On Jan 23, 2008 8:46 AM, Jason Edwards <[EMAIL PROTECTED]> wrote:
> Firestarter (http://www.fs-security.com/) would be something you could
> use to manage iptables. It won't show you an application and let you
> make a policy based on that application, but you could figure out what
> ports an application is using and make policies based on that.

I used to use Firestarter. I had so many problems, I eventually gave up and tried to kill it. Doing so ended up being an adventure of its own. Now I'm happy just using iptables from the command line. I think my mind works better at the command line anyway.

> As far as limiting executables launching other executables, you should be
> able to do it with SELinux or AppArmor, though I don't know what tools
> there are to make that easier to manage.

I missed that part of the original post. My bad. I haven't played yet with AppArmor, but SELinux is excellent at securing files and processes. Problem is, it's not the friendliest thing in the world to configure. And if your distro doesn't have decent policies written for it, I think you'll probably hate it. The latest versions of Red Hat (both RHEL and Fedora) have excellent SELinux policies written, and some excellent default iptables rules set up. I suppose by extension, CentOS does too. If you're not too attached to a different distro, they're definitely worth checking out.

--
Joseph
http://blog.josephhall.com/

/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
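The per-application approach Jason describes (find the ports an application listens on, then write iptables rules for them) as an added shell example, not code from this thread: the `ss -ltnp` output it parses is constructed inline, it prints the rules instead of applying them, and it skips loopback-only listeners, which need no INPUT rule for traffic from other hosts.

```shell
#!/bin/sh
# Constructed sample of `ss -ltnp` output (listening TCP sockets with owning process).
SS_SAMPLE='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      511    127.0.0.1:6379      0.0.0.0:*         users:(("redis-server",pid=1023,fd=6))
LISTEN 0      4096   0.0.0.0:80          0.0.0.0:*         users:(("nginx",pid=1331,fd=6),("nginx",pid=1330,fd=6))
LISTEN 0      4096   [::]:443            [::]:*            users:(("nginx",pid=1331,fd=7))'

# app_ports NAME SS_OUTPUT
# Prints the unique, non-loopback TCP ports the named process listens on,
# space separated (empty if it only listens on 127.0.0.1 / ::1).
app_ports() {
  printf '%s\n' "$2" | awk -v app="$1" '
    $1 == "LISTEN" && index($0, "\"" app "\"") && $4 !~ /^(127\.|\[::1\])/ {
      n = split($4, f, ":"); print f[n]   # port is the last colon-separated field
    }' | sort -un | tr '\n' ' ' | sed 's/ $//'
}

# app_rules NAME SS_OUTPUT
# Emits one iptables command per port; review them, then run as root if they look right.
app_rules() {
  for p in $(app_ports "$1" "$2"); do
    printf 'iptables -A INPUT -p tcp --dport %s -m conntrack --ctstate NEW -j ACCEPT\n' "$p"
  done
}

app_rules nginx "$SS_SAMPLE"
```

On a live host, replace `"$SS_SAMPLE"` with `"$(ss -ltnp)"`; the rules assume a default-deny INPUT policy that already accepts ESTABLISHED,RELATED traffic.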
