Advance and Be Mechanized

The purpose of this new project I started is to have a security level management tool similar to Mandriva's msec.

Ubuntu page: Ubuntu Security Levels. Everybody is welcome to join.

The idea is to harden (and monitor/log) the security of Ubuntu by having well-known states or levels that are easy to understand and manage by users and sysadmins.

• Easy, like in Mandriva, by typing just "msec 3" we go to a level deemed appropriate for desktops connected to the Internet. No need to go through screens answering difficult questions like with Bastille Linux.


• System administrators will be aware that the systems are in a particular well-known configuration regarding basic aspects of security ("this web server is level 4, that critical server is level 5"). The caveat of course is to have a false sense of security.


• The proposed difference in philosophy with Mandriva's msec is that the users won't be able to customize (at least easily) the directives for the levels; the simpler the better

There are several Linux Live CDs that are specialized in network security tools like:

L.A.S.
Trinux
PHLAK
Knoppix STD

I like Knoppix STD; it's a very complete infosec toolkit. (First time users: remember to right-click with the mouse once you're on the desktop).

I've been getting involved in Ubuntu and a project I just started is the Ubuntu Security LiveCD, an Ubuntu LiveCD remastered with many security tools.

The security live CD I put together works pretty well and I intend to publish the iso file once I polish it a little more.