Forgot your password?
typodupeerror
Security Announcements

EnGarde Secure Linux v2 Out 70

Posted by Hemos
from the lock-it-down dept.
Chuck writes "I came across EnGarde Secure Linux about two years ago when it was first released, and I see they just released the newest version. Improved Mandatory Access Control using LIDS, awesome web-based manager, code from the Openwall Project and winner of the Network Computing Hardened Linux product of the year. I love EnGarde."
This discussion has been archived. No new comments can be posted.

EnGarde Secure Linux v2 Out

Comments Filter:
  • Commercial? (Score:4, Interesting)

    by Anonymous Coward on Monday May 26, 2003 @10:25AM (#6040173)
    I thoght EnGarde was strictly commercial nowadays?? No?

  • Oh Engarde (Score:1, Funny)

    by Anonymous Coward
    Oh Engarde Linux,
    We stand on guard for thee...
  • by CoolVibe (11466) on Monday May 26, 2003 @10:26AM (#6040181) Journal
    Guess this is one of those slashdot sponsored "advertisement" advertising stories huh?

    Anyway, LIDS is great. Played with it, and deemed it cool. Now I wish FreeBSD had something that cool (since that's my main OS of choice), but LOMAC comes pretty close.

    Heck, I just might give this a whirl on one of my testboxes...

  • Alternatives (Score:5, Informative)

    by schroet (244506) on Monday May 26, 2003 @10:27AM (#6040186)
    We like Astaro a lot.

    http://www.astaro.de/php/statics.php?action=asl& la ng=gb

    Could anyone compare the 2?
    • Re:Alternatives (Score:5, Informative)

      by warez (669723) on Monday May 26, 2003 @12:35PM (#6040737)
      Astaro is a hybrid firewall (stateful packet filter, application proxy), with a bunch of other nifty features. I 'discovered' it a couple of months ago on freshmeat when I was about to put together my own security box. After playing with it, I am nothing short of impressed, and its FREE for home use. it is a refined product. Engarde is a hardened linux distro; it's most practical use is turning it into a secure pubic server. The two actually goes hand in hand, as they aren't competing products.
  • by MacOS_Rules (170853) on Monday May 26, 2003 @10:27AM (#6040189) Homepage
    Quoth the poster: "I love EnGarde."

    The best part: it automatically uses protection! Just don't try a backdoor!

    ---OWWW! Stop hitting me!---
  • Wait (Score:1, Funny)

    by Anonymous Coward
    Isn't this kinda risky? Shouldn't they have waited to see what happens with SCO first?
  • by IO ERROR (128968) <error&ioerror,us> on Monday May 26, 2003 @10:31AM (#6040208) Homepage Journal
    No Linux administration skills required.


    HUH? This is supposed to be an uber-secure system and you don't have to administer it? Somebody explain this to me like I'm a two year old, because I just don't get it.

    • by questamor (653018) on Monday May 26, 2003 @10:51AM (#6040294)
      All ports are turned off by default, with no way to turn them on. Also, networking hasn't been compiled into the kernel.

      Not only that, no users are allowed. not even root.

      It's supplied preinstalled on a PC with no powerswitch. hell, no PSU even.

      They think of everything...
    • by Anonymous Coward
      What they mean is you don't need to be a Linux guru to set up the box. Everything is using web browser with a few clicks, even updating your system. The only thing is you have to sign up with GDSN to keep up with updates and support. I believe they have 30 days trial for it on the new version just released few weeks ago. Originally one could update the system without signing up for GDSN account (they publish updates through ftp) but that doesn't seem like gonna happen with this new release. I could underst
  • Good stuff! (Score:2, Interesting)

    by sokkelih (632304)
    I hope these guys do some co-operation with thingies like OpenBSD. I would love to see outcome of that. Great!
  • Something Different (Score:2, Interesting)

    by Ween (13381)
    Offtopic, but along the same vein, I would like to find a distribution of linux or *bsd that provides out of the box support for virtual mail hosting (many domains, 1 ip), name based virtual hosting, and the like. All with a simple to use console configuration. I've built my own several times, but thats time consuming. Anyone got any suggestions?
  • by Anonymous Coward
    Engarde comes in two flavors: commercial and community. Community is the free version.
  • Let's see how this baby performs against a Distributed Denial of Service attack....
  • Braino (Score:3, Funny)

    by wowbagger (69688) * on Monday May 26, 2003 @10:53AM (#6040301) Homepage Journal
    While reading the summary, I misread
    Openwall Project


    as

    Orwell Project


    which, I personally feel would be an interesting name for a security enhancing project - right up there with Big Brother [bb4.com].

    ENOCAFFINE
  • OpenBSD lite. For the only interested in a partial code review...
    • Re:Sounds like.. (Score:1, Insightful)

      by Anonymous Coward
      code review != security

      it just helps reduce bugs/vulnerabilities

      LIDS etc OTOH protect when a bug is found, something OBSD does not.

      furthermore, OBSD audits the base intall, which is essentially usefull.

      Secure by default only, 'cept noone only runs default.
  • Pricing. (Score:5, Interesting)

    by Qbertino (265505) on Monday May 26, 2003 @11:45AM (#6040504)
    What's this supposed to be?
    Is this such a big fat hairy deal that you have to charge a minimum of 800$ for a "oh-so-extra-special-secure-Linux" distro?
    Ok, if it's so easy to install that any Webdesigner could get it on right out of the box I say ok, let them Dreamweavers pay the price if they're to cheap for hiring a sysadmin to their team.
    But I seriously doupt that this one pulls the trick better than a securepatched SuSE, Debian or OpenBSD.
    Does anybody have solid expierience with this distro and can they testify that its bizar retail price is justified?
    • Re:Pricing. (Score:3, Informative)

      by div_2n (525075)
      At a place I used to work we had two Engarde boxes sitting in a DMZ acting as DNS servers. In two years I was there they NEVER went down and as far as we could tell had never been cracked. Our IDS did record quite a few attempts though.

      I can't say the same for our Citrix servers . . .

      IMHO the price is definitely worth it. I have spoken with the CEO Dave Wreski many times and he has helped me through several tough problems. Hands down their tech support has been unbelievable. I recommend their product
  • by Fefe (6964) on Monday May 26, 2003 @12:14PM (#6040635) Homepage
    Ah, so these are the people OpenBSD learned everything from, right?
  • "Improved Mandatory Access Control" would be iMAC ?
  • It's good to see a distro that focuses on security. I've used version 1.0, and it did a decent job "out of the box". It'll be interesting to try out this latest version since some of the new features look very appealing.

    Is there anyone out there that uses EnGarde in their production environment?

    • Is there anyone out there that uses EnGarde in their production environment?

      I have been using the community version of Engarde's last release as a 10 user email server for about a year. It has run flawlessly. The only downtime I have had the whole time was for a reboot after a kernel up grade.

      Engarde has a very nice HTML front end that will get you started. I found however, that after I had been using the system for a little while I had modified things to the point that I didn't trust the HTML front e

  • The installation howto for LIDS [lids.org] says that you can turn it off by appending security=0 as a kernel parameter in your boot loader. This seems silly since they go to a lot of trouble to ensure that even the root user can't kill its processess and stuff. What is stopping the root user from just editing the boot loader conf and rebooting with these parameters.

fortune: not found

Working...