[231] in linux-security and linux-alert archive
Re: Proposal - Linux security package and howto
daemon@ATHENA.MIT.EDU (Alan Cox)
Tue May 16 03:47:16 1995
From: iialan@iifeak.swan.ac.uk (Alan Cox)
To: rbagwill@nist.gov (Bob Bagwill)
Date: Sat, 6 May 1995 20:32:21 +0100 (BST)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <9505031604.AA05793@sst.ncsl.nist.gov> from "Bob Bagwill" at May 3, 95 11:05:03 am
> I would like to see a package of essential software for Linux
> security. Particular distributions tend to include some of the
> components, but not others. It might be useful to have a server package,
> which is appropriate for a multi-user, multi-purpose Linux system, and
> a desktop package for a single-user system. I'd also like to
> see accompaning howto's.
Its hard to do this for various reasons.
> To get the ball rolling, here is some software I had to obtain for
> my single-user desktop box:
>
> anon-ftpd-0.7 - to permit worry-free ftp
My distribution came with wuftpd-2.4 which I believe is secure (please
tell me if I am wrong)
> cops_104 - to check for config problems, needs to be improved for Linux
Yes.. also tripwire and the tripwire config for the standard distribution
> pgp262s - to send and receive confidential email, and to secure integrity info
> rsaref - for pgp
Both cause hassle due to US ITAR regulations
> xautolock.pl10 - to lock the screen when I leave my desk
Not safe because Linux has CTRL-ALT-BS and screen switching.
