6.1. harden

The harden package tries to make it more easy to install and administer hosts that need good security. This package should be used by people that want some quick help to enhance the security of the system. It automatically installs some tools that should enhance security in some way: intrusion detection tools, security analysis tools, etc. Harden installs the following virtual packages (i.e. no contents, just dependencies or recommendations on others):

  • harden-tools: tools to enhance system security (integrity checkers, intrusion detection, kernel patches…)

  • harden-environment: helps configure a hardened environment (currently empty).

  • harden-servers: removes servers considered insecure for some reason.

  • harden-clients: removes clients considered insecure for some reason.

  • harden-remoteaudit: tools to remotely audit a system.

  • harden-nids: helps to install a network intrusion detection system.

  • harden-surveillance: helps to install tools for monitoring of networks and services.

Useful packages which are not a dependence:

  • harden-doc: provides this same manual and other security-related documentation packages.

  • harden-development: development tools for creating more secure programs.

Be careful because if you have software you need (and which you do not wish to uninstall for some reason) and it conflicts with some of the packages above you might not be able to fully use harden. The harden packages do not (directly) do a thing. They do have, however, intentional package conflicts with known non-secure packages. This way, the Debian packaging system will not approve the installation of these packages. For example, when you try to install a telnet daemon with harden-servers, apt will say:

  1. # apt-get install telnetd 
  2. The following packages will be REMOVED:
  3.   harden-servers
  4. The following NEW packages will be installed:
  5.   telnetd 
  6. Do you want to continue? [Y/n]

这应当在管理员的头脑中引起一些警惕,考虑一下您的操作.