Thursday, June 28, 2012

Useful utilities for the secure VM

Now that we have a VM that sits on an encrypted data store, we can install utilities that make our guest OS more secure.
Since I opted for XUbuntu as my guest OS, I'll be using apt-get and Ubuntu's package management system.

OK, first I think we need a secure way of deleting data. Since deleting data doesn't actually overwrite it, we'll need something that does. Two programs I use are wipe and scrub.

Now we need a way to browse the Internet. I prefer Firefox, but Chrome/Chromium is also a good choice. If you want to take it to the next level, I suggest using Tor. Either install Tor and a proxy server on the OS or get the Tor bundle. The bundle includes Firefox with some add-ons that promote safe browsing.


Deletion
wipe
scrub

Internet Browsing
chrome/chromium
firefox
tor bundle

Email/Messaging
Thunderbird
pidgin
torchat
enigmail

aide
snort
apg
ntop
darkstat
nmap
openvpn
strongswan
ufw
firestarter
denyhost
fail2ban

disable root ssh login




Thursday, June 14, 2012

Secure Virtual Machine. Creating

Creating a secure VM using Linux, Encfs, and VirtualBox.

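First, install and set up Encfs.
To create an Encfs directory, run encfs with the encrypted directory and the mount directory. The general form is shown first, followed by the paths used in this example:

encfs /path/to/encrypted-directory /path/to/mount-directory
encfs ~/.encOS ~/encOS

This command also mounts the directory.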

Now it is time to choose the OS. For this example I chose XUbuntu.

Install VirtualBox and create your VM using the Encfs directory.

Create the VM image in the Encfs directory. I feel an image is more portable than any of the other disk options in VirtualBox.

For an added level of complexity you might want to encrypt the system or your home directory in the VM.
Also use a complex password. I suggest a password with at least 14 characters including letters, numbers, and special characters.
GRC has a password calculator if you want to see how complex your password is.

Once you have finished installing your OS, you are done with the first part of creating a secure VM. Now all data on the VM is encrypted, and if you enabled home directory encryption, the personal files in your home directory are double encrypted.

Later we'll add utilities to add more security to the VM.

Thursday, June 7, 2012

Nagios server and client on CentOS 6

Install CentOS 6 and configure as needed.

Nagios Server install

  • Install epel
Install the EPEL release RPM; it can be found here.
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm

  • Disable selinux
Edit /etc/sysconfig/selinux. Change enforcing to disabled. Then reboot.


  • Install Nagios packages
Install nagios, nagios-plugins-all, nagios-plugins-nrpe, php-pear, mod_ssl, net-snmp-utils, sendmail

yum install nagios nagios-plugins-all nagios-plugins-nrpe php-pear mod_ssl net-snmp-utils sendmail


  • Create nagios user and password for web interface
htpasswd /etc/nagios/passwd nagiosadmin


  • Iptables
Allow port 443 in iptables


  • Add apache to nagios group
usermod -a -G nagios apache


  • configure services
chkconfig nagios on
chkconfig httpd on
chkconfig sendmail on
service sendmail restart


  • Edit httpd.conf and enable SSL in nagios.conf
Make changes to /etc/httpd/conf/httpd.conf if needed.
Uncomment SSLRequireSSL in /etc/httpd/conf.d/nagios.conf.
Restart httpd.


  • Configure for nrpe
Uncomment cfg_dir=/etc/nagios/servers in /etc/nagios/nagios.cfg
Add check nrpe command.
Add the following to /etc/nagios/objects/commands.cfg.

define command{
command_name check_nrpe
command_line /usr/lib64/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

Make the servers directory:
mkdir /etc/nagios/servers
chown root:nagios /etc/nagios/servers
service nagios restart

(a reboot might be necessary)
The Nagios server should now be working and accessible from the web interface.


On a separate machine, install CentOS 6 with minimal packages. Configure the system as needed.

Client nrpe install

  • Install epel
Install the EPEL release RPM; it can be found here.
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm

  • Disable selinux
Edit /etc/sysconfig/selinux. Change enforcing to disabled. Then reboot.



  • Install Nagios nrpe packages
Install nagios-plugins-nrpe, nagios-plugins-all, nagios-nrpe, openssl
yum install nagios-plugins-nrpe nagios-plugins-all nagios-nrpe openssl


  • Add allowed hosts
Edit allowed_hosts in /etc/nagios/nrpe.cfg and add the IP of the nrpe client and of the nagios server:
allowed_hosts=127.0.0.1,x.x.x.x
Also change the server_address to the nrpe client IP.
chown nrpe:nrpe /etc/nagios/nrpe.cfg


  • nrpe services
Add nrpe 5666/tcp to /etc/services
chkconfig nrpe on
service nrpe restart
Allow port 5666 in iptables
Check connections from both nrpe and nagios server
/usr/lib64/nagios/plugins/check_nrpe -H (IP of nrpe)


  • Add the nrpe client to the nagios server
Create a server config file in /etc/nagios/servers on the nagios server and insert the following:

define host{
        use linux-server
        host_name (nrpe client name)
        alias CentOS 6
        address (nrpe client)
}


service nagios restart
There should now be two hosts in the web interface.
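
An added example, not part of the original post: a shell check for the nrpe.cfg settings edited in the client steps above (allowed_hosts and server_address), plus dont_blame_nrpe, a standard NRPE option the post does not cover. The function names, the sample config and the 192.0.2.x addresses are constructed for illustration.

```shell
# Added example (not from the original post): audit nrpe.cfg on the client.

# Print the value of the last uncommented "key=value" line, whitespace removed.
nrpe_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=//p" "$1" | tail -n 1 | tr -d ' \t\r'
}

# Print one finding per line for the given config file and Nagios server IP.
nrpe_findings() {
    cfg=$1; server=$2
    allowed=$(nrpe_get "$cfg" allowed_hosts)
    [ -n "$allowed" ] || echo "allowed_hosts is not set"
    # Every entry must be loopback or the Nagios server; ranges are flagged.
    printf '%s\n' "$allowed" | tr ',' '\n' | while read -r host; do
        case $host in
            ""|127.0.0.1|"$server") ;;
            *) echo "unexpected allowed_hosts entry: $host" ;;
        esac
    done
    case ",$allowed," in
        *",$server,"*) ;;
        *) echo "Nagios server $server is not in allowed_hosts" ;;
    esac
    # server_address pins the listener to one interface instead of all.
    case $(nrpe_get "$cfg" server_address) in
        ""|0.0.0.0) echo "server_address is not bound to a specific IP" ;;
    esac
    # dont_blame_nrpe=1 lets the remote side pass arguments to commands.
    [ "$(nrpe_get "$cfg" dont_blame_nrpe)" != 1 ] ||
        echo "dont_blame_nrpe=1: remote command arguments are enabled"
}

# Return 0 when the config is clean, 1 (after printing findings) otherwise.
audit_nrpe_cfg() {
    out=$(nrpe_findings "$1" "$2")
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed sample config; 192.0.2.x addresses are placeholders.
sample_nrpe_cfg() {
    cat <<'EOF'
#allowed_hosts=10.0.0.1
server_address=192.0.2.20
allowed_hosts=127.0.0.1,192.0.2.10,192.0.2.0/24
dont_blame_nrpe=1
EOF
}
```

On the client, run `audit_nrpe_cfg /etc/nagios/nrpe.cfg` followed by the Nagios server IP after editing the file; a non-zero exit status means at least one finding was printed.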