From Fedora Project Wiki

Revision as of 17:17, 3 February 2014 by Sparks (talk | contribs) (Created page with "== History == The current (Fedora 20) Security Guide (minus the SELinux stuff) is a mash together of the RHEL 6 Security Guide and the hardening advice that was posted on the ...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

History

The current (Fedora 20) Security Guide (minus the SELinux stuff) is a mash together of the RHEL 6 Security Guide and the hardening advice that was posted on the Fedora wiki around the time of Fedora 12. It's quite obvious to anyone reading the entire document that the beginning of the guide reads one way while the end reads differently as if they had different missions (they do!).

Looking forward

It's okay to look at the guide and say that while much of the guide is okay much of it is crap. There may be a need for basic security education I feel that it is best suited to other documentation and training resources. I'd like to go into the next version of this guide with a fresh look at what is needed: hardening advice, auditing advice, how to use the security tools that are available, etc. This will not be easy but it's doable.

Topics to be covered

SELinux

There is a lot of SELinux stuff in guide. It needs to be combed through and evaluated to determine what is needed, necessary, and up to date. There is also a treasure trove of stuff on Dan Walsh's blog that needs to be converted and brought into the mix. I'm sure we're missing some rather large topics regarding what SELinux can do now.

Firewalls

Yeah, there is currently no good documentation on setting up firewalld.

SCAP

Man, this is going to be a huge topic. From setup to auditing to writing your own rules... SCAP should be written up well.

Encryption

It's hard. Lets try to make it a little easier.

Use cases

httpd

How do I setup Apache to be secure and use good ciphers?

dovecot

How do I setup dovecot to be secure and use good ciphers?

Auditing