From 91b977cc739cbf7cedae88b82c3ffd466ecedb4e Mon Sep 17 00:00:00 2001 From: Yuri Chornoivan Date: Tue, 26 Aug 2014 19:47:45 +0300 Subject: Update MCC docs --- docs/mcc-help/eu/msecgui.xml | 358 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 358 insertions(+) create mode 100644 docs/mcc-help/eu/msecgui.xml (limited to 'docs/mcc-help/eu/msecgui.xml') diff --git a/docs/mcc-help/eu/msecgui.xml b/docs/mcc-help/eu/msecgui.xml new file mode 100644 index 00000000..31e8f3e7 --- /dev/null +++ b/docs/mcc-help/eu/msecgui.xml @@ -0,0 +1,358 @@ +
+ + MSEC: Sistemaren segurtasuna eta auditoritzak + + msecgui + + + + + + + + + + + + + +
+ Aurkezpena + + msecguiKomando-lerrotik tresna hau abiaraz dezakezu, msecgui root bezala idatziz. + is a graphic user interface for +msec that allows to configure your system security according to two +approaches: + + + + It sets the system behaviour, msec imposes modifications to the system to +make it more secure. + + + + It carries on periodic checks automatically on the system in order to warn +you if something seems dangerous. + + + + msec uses the concept of "security levels" which are intended to configure a +set of system permissions, which can be audited for changes or +enforcement. Several of them are proposed by Mageia, but you can define your +own customised security levels. +
+ +
+ Ikuspegi orokorra taulan + + See the screenshot above + + The first tab takes up the list of the different security tools with a +button on the right side to configure them: + + + + Firewall, also found in the MCC / Security / Set up your personal firewall + + + + Updates, also found in MCC / Software Management / Update your system + + + + msec itself with some information: + + + + Gaitu edo ez + + + + the configured Base security level + + + + the date of the last Periodic checks and a button to see a detailed report +and another button to execute the checks just now. + + + + +
+ +
+ Security settings tab + + A click on the second tab or on the Security +Configure button leads to the same screen shown +below. + + + + + + + + +
+ Basic security tab + + + Segurtasu mailak: + + + After having checked the box Enable MSEC tool, this tab +allows you by a double click to choose the security level that appears then +in bold. If the box is not checked, the level « none » is applied. The +following levels are available: + + + + Level none. This level is intended if you +do not want to use msec to control system security, and prefer tuning it on +your own. It disables all security checks and puts no restrictions or +constraints on system configuration and settings. Please use this level only +if you are knowing what you are doing, as it would leave your system +vulnerable to attack. + + + + Level standard. This is the default +configuration when installed and is intended for casual users. It +constrains several system settings and executes daily security checks which +detect changes in system files, system accounts, and vulnerable directory +permissions. (This level is similar to levels 2 and 3 from past msec +versions). + + + + Level secure. This level is intended when +you want to ensure your system is secure, yet usable. It further restricts +system permissions and executes more periodic checks. Moreover, access to +the system is more restricted. (This level is similar to levels 4 (High) and +5 (Paranoid) from old msec versions). + + + + Besides those levels, different task-oriented security are also provided, +such as the fileserver , webserver and netbook levels. Such levels attempt to pre-configure +system security according to the most common use cases. + + + + The last two levels called audit_daily and +audit_weekly are not really security levels +but rather tools for periodic checks only. + + + + These levels are saved in +etc/security/msec/level.<levelname>. You can define +your own customised security levels, saving them into specific files called +level.<levelname>, placed into the folder +etc/security/msec/. This function is intended for power +users which require a customised or more secure system configuration. + + + Keep in mind that user-modified parameters take precedence over default +level settings. + + + + Security alerts: + + + If you check the box Send security alerts by email +to:, the security alerts generated by msec are going to be sent +by local e-mail to the security administrator named in the nearby field. You +can fill either a local user or a complete e-mail address (the local e-mail +and the e-mail manager must be set accordingly). At last, you can receive +the security alerts directly on your desktop. Check the relevant box to +enable it. + + + It is strongly advisable to enable the security alerts option in order to +immediately inform the security administrator of possible security +problems. If not, the administrator will have to regularly check the logs +files available in /var/log/security. + + Security options: + + Creating a customised level is not the only way to customise the computer +security, it is also possible to use the tabs presented here after to change +any option you want. Current configuration for msec is stored in +/etc/security/msec/security.conf. This file contains +the current security level name and the list of all the modifications done +to the options. +
+ +
+ System security tab + + This tab displays all the security options on the left side column, a +description in the centre column, and their current values on the right side +column. + + + + + + + + To modify an option, double click on it and a new window appears (see +screenshot below). It displays the option name, a short description, the +actual and default values, and a drop down list where the new value can be +selected. Click on the OK button to validate the +choice. + + + + + + + + + Do not forget when leaving msecgui to save definitively your configuration +using the menu File -> Save the configuration. If you +have changed the settings, msecgui allows you to preview the changes before +saving them. + + + + + + + +
+ +
+ Sare segurtasuna + + This tab displays all the network options and works like the previous tab + + + + + + +
+ +
+ Periodic checks tab + + Periodic checks aim to inform the security administrator by means of +security alerts of all situations msec thinks potentially dangerous. + + This tab displays all the periodic checks done by msec and their frequency +if the box Enable periodic security checks is +checked. Changes are done like in the previous tabs. + + + + + + +
+ +
+ Exceptions tab + + Sometimes alert messages are due to well known and wanted situations. In +these cases they are useless and wasted time for the administrator. This tab +allows you to create as many exceptions as you want to avoid unwanted alert +messages. It is obviously empty at the first msec start. The screenshot +below shows four exceptions. + + + + + + + + To create an exception, click on the Add a rule +button + + + + + + + + Select the wanted periodic check in the drop down list called +Check and then, enter the +Exception in the text area. Adding an exception is +obviously not definitive, you can either delete it using the +Delete button of the Exceptions +tab or modify it with a double clicK. +
+ +
+ Baimenak + This tab is intended for file and directory permissions checking and +enforcement. + Like for the security, msec owns different permissions levels (standard, +secure, ..), they are enabled accordingly with the chosen security +level. You can create your own customised permissions levels, saving them +into specific files called perm.<levelname> placed +into the folder etc/security/msec/ . This function is +intended for power users which require a customised configuration. It is +also possible to use the tab presented here after to change any permission +you want. Current configuration is stored in +/etc/security/msec/perms.conf. This file contains the +list of all the modifications done to the permissions. + + + + + + Default permissions are visible as a list of rules (a rule per line). You +can see on the left side, the file or folder concerned by the rule, then the +owner, then the group and then the permissions given by the rule. If, for a +given rule: + + + the box Enforce is not checked, msec only checks if the +defined permissions for this rule are respected and sends an alert message +if not, but does not change anything. + + + + the box Enforce is checked, then msec will rule the +permissions respect at the first periodic check and overwrite the +permissions. + + For this to work, the option CHECK_PERMS in the Periodic check tab must be configured accordingly.To create a new rule, click on the Add a rule button +and fill the fields as shown in the example below. The joker * is allowed in +the File field. “current” means no modification. + + + + + + Click on the OK button to validate the choice and do +not forget when leaving to save definitively your configuration using the +menu File -> Save the configuration. If you have changed +the settings, msecgui allows you to preview the changes before saving them. + It is also possible to create or modify the rules by editing the +configuration file /etc/security/msec/perms.conf. + + Changes in the Permission tab (or directly +in the configuration file) are taken into account at the first periodic +check (see the option CHECK_PERMS in the Periodic +checks tab). If you want them to be taken immediately into +account, use the msecperms command in a console with root rights. You can +use before, the msecperms -p command to know the permissions that will be +changed by msecperms. + Do not forget that if you modify the permissions in a console or in a file +manager, for a file where the box Enforce is checked +in the Permissions tab , msecgui will write +the old permissions back after a while, accordingly to the configuration of +the options CHECK_PERMS and CHECK_PERMS_ENFORCE in the Periodic Checks tab . +
+
+
-- cgit v1.2.1