About nixCraft

• Daily Linux tips, hacks, news, ideas and much more »
• 
  
• 

• nixCraft welcomes readers' articles and guest blogging posts. We're interested in articles on programming, security, database, Linux and anything else related to technology.

Topics

• Debian Linux
• GNU/Open source
• Howto
• Linux
• Security
• Suse Linux
• Ubuntu Linux
• See all topics...

Secure Suse Linux Server with AppArmor - Howto

Application Armor (AppArmor) is security software just like SELinux. It is currently maintained by Novell and available under Suse Linux enterprise server.

Why use AppArmor (or SELinux) mandatory access control?

Both of these provide a protection against zero-day security flaw. The security flaw allows an attacker to execute any code on server. If AppArmor or SELinux is enabled it will protect Linux applications (such as httpd/squid/ssjhd) from such code.

I found SELinux bit hard to manage and some time it breaks the system. These instructions seem quite easy to me. Christian Boltz explains how to use the YaST AppArmor modules or the command-line tools to secure your server using AppArmor.

From the article:
If you want to secure your server using AppArmor, you have to create and modify the profiles for all the applications you use. This can easily be done using the YaST AppArmor modules or the command-line tools.

The YaST modules are more or less self-explaining, but more for mouse users - and you should never have a mouse attached to your server

Therefore I'll explain the command-line tools a bit. I'll also explain some AppArmor basics when needed.

Securing Your Server With AppArmor

Also note that AppArmor packages exists for:

1. Slackware Linux
2. Debian Linux
3. Ubuntu Linux etc.

PS: These tools are not silver bullet but provide little more isolation and makes crackers life littler harder

• How To Secure Mac OS X Computer ( Hardening Mac )
• The Largest Wifi Wireless Cracking Ever - ID Fraud Case
• Book review: Linux Server Security, 2nd Edition
• Download OpenSuse Linux 10.2
• How To Secure Home Wi-Fi ( Wireless ) Network

Leave a Reply

We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!

Search

Advertisements

Would you like to...

• Print this page
• Email this page

more ~/options

• About us
• Testimonials
• Contact us

Archives

• Select Month September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004

nixCraft RSS Feeds

Copyright © 2004-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.