Slackware hasn’t been in the spotlight for ages, but before I go into a long rant about how the only Linux I would dare use is Slackware, lets get to the point.
Slackware is known for its security, but as we all know; systems are only as secure as their administrators are paranoid, however, it helps to have good (great) foundation.
Jeffrey Denton (dentonj) has compiled an elaborate tutorial on improving the overall security of Slackware Linux. I’ve known dentonj from IRC for a good bit of time, and though he has kicked me for being a dink a few times, he has my respect. I’ve read through this tutorial and found it up to par for even the most paranoid. Surprisingly enough, most of it I have already done. Other parts I found so ingenious, I had to implement them.
Please take note that dentonj is doing some contract work in Iraq at the moment… or “war driving in the states got boring,” as he put it… so the document is still a work-in-progress.
You can read the document here or here.
With Nessus 3.0’s promising enhancements and updates, one would normally
rush into updating. Unfortunately, it’s not provided as it used to be.
Only specific Linux distributions and FreeBSD 5/6 have been chosen as the
initial binary releases–only the CVS repository is available. What about
those using Solaris or Windows? Well, they’ll have to wait their turn. It
seems Tenable Network Security is doing what seems to be a scary trend.
Open Source, Tested, Used, Trusted, Mature, Limited Support/Availability.
With Snort, the community rules are horrible, the registered member’s
rules are mediocre and you need to pay for the VRT certified rules. RedHat
did the same thing, but instead of completely telling the open source
community to shove it, they released Fedora. Well, how else are they going
to use the open source community as a test bed? It seems the days of free
speech are coming to an end while the days of free beer are gaining
ground. Money makes the world go ’round but don’t tease us geeks with free
stuff. I hope my view and paranoia is entirely wrong and this is just a
figment of my imagination, else the open source community has a one-way ticket to the history books.