SE-01: What is msec, and how do I use it?

[bvc]

Browse: [About the FAQ Forum] [Table of Contents] [FAQs] [Contribute] [SE: Security, firewalls...]

 

SE-01: What is msec, and how do I use it?

 

There's a good article at MandrakeSecure called Introduction to msec.

 

See also;

man msec

 

The following description is from man msec.

DESCRIPTION

Msec is the main script of the msec package. It enables the system

administrator to change the security level for that system. Msec is

provided with six preconfigured security levels. These levels range

from poor security and ease of use, to paranoid config, suitable for

very sensitive server applications.

 

You must be root to run msec.

Launch "msec x" to set you security level to x (x=[0-5]). It'll modify

your system according to security level x features. Called without

argument, it will enforce the current security level without lowering

security.

All the changes are logged to syslog at the AUTH facility when called

non interactivelly (by cron for example) or at the LOCAL1 facility when

called interactivelly (on the command line or from Mandrake Control

Center for example).

For a fine description of each security level, consult the documenta-

tion under /usr/share/doc/msec-*/security.txt.

 

If you want to make changes to the current level, use /etc/secu-

rity/msec/perm.local to override the permissions/owners/groups and

/etc/security/msec/level.local to override the rules (see mseclib(3)

for details).