Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 3 reacties
Bron: Guardian Digital

EnGarde Secure Linux is een Linux-distributie die gericht is op servers die een hoog beveiligingsniveau moeten hebben. Het bevat een aantal standaard applicaties waarmee verschillende servertaken zonder problemen uit te voeren zijn, zoals het serveren van dynamische websites, mail en het uitvoeren van network intrusion detection. Voor meer informatie verwijzen we jullie door naar deze pagina. Versie 3.0.16 is sinds kort beschikbaar en kreeg de volgende aankondigingstekst mee:

Version 3.0.16:

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.16 (Version 3.0, Release 16). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features.

The following reported bugs from bugs.engardelinux.org are fixed in this release:
  • #0000163 no access to dhcpcd interface on webtool since last dhcpd ...
  • #0000164 No Security timeout when using "mc".
  • #0000165 Request to include Fail2Ban package in EnGarde
  • #0000166 Wrong text on button.
  • #0000167 ispell
Several other bugs are fixed in this release as well.

New features include:
  • EnGarde Secure Linux now has support for KVM, the Kernel-based Virtual Machine. KVM utilizes the Intel VT and AMD-V processor extensions to provide a very fast virtualization environment using QEMU. More information on KVM may be found at kvm.qumranet.com. Eckersid Silapaswang, one of our engineers, has documented how to use this new KVM functionality in the HOWTO:Using_KVM article in this wiki. He's also provided two images of this 3.0.16 release, one for i686 and one for x86_64, here. Users are encouraged to download these sample images and, using the wiki article, evaluate KVM for themselves!
  • Downloading EnGarde Secure Linux just became a whole lot easier! For convenience, we've removed the need to register before downloading EnGarde Secure Linux. Users can now create a GDSN Account after installing EnGarde, during their initial configuration. This eliminates any confusion and inefficiencies in getting the server up and running.
  • Limited support for the new ext4 filesystem. This is not intended for use in a production environment -- it's being provided simply for evaluation purposes.
  • Updated PCI tables and hardware detection system, which allows for much better detection of more recent hardware.
  • Several new packages such as ImageMagick (6.3.1), alsa-lib (1.0.14a), aspell (0.60.5), aspell-en (6.0), kvm (33), mailman (2.1.9), perl-Apache-Session (1.83), perl-Authen-Captcha (1.023), sysfsutils (2.1.0), and xl2tpd (1.1.11).
  • The latest stable versions of asterisk (1.4.9), clamav (0.91.1), curl (7.16.4), dovecot (1.0.2), e2fsprogs (1.40.2), engarde-policy (3.16), freetype (2.3.5), iptables (1.3.8), kernel (2.6.22), krb5 (1.6.2), libpcap (0.9.7), lm_sensors (2.10.4), m4 (1.4.10), ntp (4.2.4p3), openswan (2.4.9), perl-RPM (1.51), postgresql (8.2.4), rkhunter (1.3.0), samba (3.0.25b), shorewall (3.2.8), sudo (1.6.9p3), tcpdump (3.9.7), webtool (3.16), and zaptel (1.4.4).
All new users downloading EnGarde Secure Linux for the first time or users who use the LiveCD environment should download this release. Users who are currently using EnGarde Secure Linux do not need to download this release -- they can update their machines via the Guardian Digital Secure Network WebTool module.


Version 3.0.15:

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.15 (Version 3.0, Release 15). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features.

The following reported bugs from bugs.engardelinux.org are fixed in this release:
  • #0000068 package openldap-servers will not install
  • #0000073 Add Home Button to Menubar
  • #0000075 Ability to Set User's Home Directory in WebTool
  • #0000107 Policy for clamd and amavisd
  • #0000116 Large number of audit entries in message log
  • #0000120 interface ip address doesn't show up if it is dhcp enabled
  • #0000122 WebTool - [Hardware] System Status
  • #0000125 No SE policy for netdiff
  • #0000126 No X-Spam-Status for virtual mail domains
  • #0000139 SELinux and UBS KVM Switch
  • #0000140 Wish List:: List of item in Engarde 1.5 that I would like ...
  • #0000141 ssh server won't run chrooted users
  • #0000142 Enabling PAM in sshd config causes dynamic linker error
  • #0000143 Postfix SASL
  • #0000150 Subversion missing dependancies
  • #0000151 dhcpd will not start
  • #0000152 mysql++
  • #0000153 Feature Request - Dovecot support for IMAP server
  • #0000154 Thunderbird cannot save e-mail into "Sent" folder using IMAP
  • #0000155 Rootkit Hunter
  • #0000157 php5 upgrade doesn't work
  • #0000158 No mail after upgrading installed packages
  • #0000160 pptpd package
  • #0000161 nrpe package missing initscript & config change request
Several other bugs are fixed in this release as well.

New features include:
  • Due to popular demand (on engarde-users, the EnGarde Forum, and in #0000140), we've made mod_proxy for Apache available via the 'libapache-mod_proxy' package. To use this functionality just install this package from the GDSN Package Management interface and configure it in your httpd.conf.
  • We addressed a bug in the Snort graph generation subsystem which would cause high CPU load. More information on this problem, and the fix, may be found here. Users of EnGarde Secure Linux do not have to do anything to fix this bug -- just run the Guardian Digital Secure Network Update Agent and your system will be patched automatically.
  • Three new instructional documents were written by Ryan W. Maple and added to the EnGarde Secure Linux Wiki:Additions and improvements to these documents are welcomed and encouraged!
  • Several new packages such as dovecot (1.0.1), mysql++ (2.2.3), pptpd (1.3.0), rkhunter (1.2.9), sox (12.17.7).
  • The latest stable versions of asterisk (1.4.5), clamav (0.90.3), checkpolicy (1.34.1), e2fsprogs (1.39), engarde-policy (3.15), kernel (2.6.21), libpng (1.2.18), libselinux (1.34.7), libsemanage (1.10.3), libsepol (1.16.1), nagios-plugins (1.4.9), openswan (2.4.8), php5 (5.2.3), policycoreutils (1.34.6), postfix (2.4.30, ppp (2.4.4), samba (3.0.25a), snort (2.6.1.5), spamassassin (3.2.1), squid (2.6.STABLE13), subversion (1.4.4), vim (7.1), webtool (3.15), zaptel (1.4.3)

Reacties (3)

Reactiefilter:-1303+12+22+30
Moderatie-faq Wijzig weergave
Het ziet er leuk uit, in principe gewoon een web-interface bovenop een paar tools. Daarom vraag ik mij ook af, hoe veilig is dit? Ik als sysadmin wil toch echt weten wat er onder 'the hood' gebeurd. Nou heb ik het nog niet geprobeerd en zal er vast wel een manier zijn om toch te adminnen (via console), maar je kunt nooit alles bijhouden, omdat er vast een paar verborgen switches zitten. Ik zet dan ook mijn twijfels bij dit pakket. Ze hebben dan wel nieuwe pakketjes, maar zijn ze ook stabiel en goed getest, dat is wat ik ook belanrijk zou vinden voor een productieserver. Overall vind ik het te bloated eruit zien (screenshots). Te veel switches, zonder dat je echt weet wat er intern gebeurd.
je kunt ook Bastille proberen, daarmee kun je bestaande of nieuwe servers "hardenen". SecurityFocus heeft een walkthrough om je wegwijs te maken (y)
Iemand ervaring mee op een productie server?

Op dit item kan niet meer gereageerd worden.



Microsoft Windows 10 Home NL Apple iPhone 6s Star Wars: Battlefront (2015) Samsung Galaxy S6 Edge Apple Watch Project CARS Nest Learning Thermostat Games

© 1998 - 2015 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True