MSEC: System Security and Audit
msecgui
Presentation

msecgui is a graphical user interface for msec that lets you configure your system security according to two approaches:

- It sets the system behaviour: msec imposes modifications on the system to make it more secure.
- It carries out periodic checks automatically on the system in order to warn you if something seems dangerous.

You can start this tool as root from the command line by typing msecgui.

msec uses the concept of "security levels", which are intended to configure a set of system permissions that can be audited to be changed or confirmed. Several of them are proposed by Mageia, but you can define your own customised security levels.
Overview tab

See the screenshot above.

The first tab shows the list of the different security tools, with a button on the right side to configure them:

- Firewall, also found in the MCC / Security / Set up your personal firewall
- Updates, also found in MCC / Software Management / Update your system
- msec itself, with some information:
  - enabled or not
  - the configured Base security level
  - the date of the last Periodic checks, a button to see a detailed report and another button to run the checks right now.
Security settings tab

Clicking the second tab or the Security Configure button leads to the same screen, shown below.
Basic security tab

Security levels:

After you check the box Enable MSEC tool, this tab lets you choose the security level with a double click; the chosen level then appears in bold. If the box is not checked, the level « none » is applied. The following levels are available:

- Level none. This level is intended if you do not want to use msec to control system security, and prefer tuning it on your own. It disables all security checks and puts no restrictions or constraints on system configuration and settings. Please use this level only if you know what you are doing, as it would leave your system vulnerable to attack.
- Level standard. This is the default configuration when installed and is intended for casual users. It constrains several system settings and executes daily security checks which detect changes in system files, system accounts, and vulnerable directory permissions. (This level is similar to levels 2 and 3 from past msec versions.)
- Level secure. This level is intended when you want to ensure your system is secure, yet usable. It further restricts system permissions and executes more periodic checks. Moreover, access to the system is more restricted. (This level is similar to levels 4 (High) and 5 (Paranoid) from old msec versions.)
- Besides those levels, different task-oriented security levels are also provided, such as the fileserver, webserver and netbook levels. Such levels attempt to pre-configure system security according to the most common use cases.
- The last two levels, called audit_daily and audit_weekly, are not really security levels but rather tools for periodic checks only.

These levels are saved in /etc/security/msec/level.<levelname>. You can define your own customised security levels, saving them into specific files called level.<levelname>, placed into the folder /etc/security/msec/. This function is intended for power users who require a customised or more secure system configuration.
Keep in mind that user-modified parameters take precedence over the default level settings.

Security alerts:

If you check the box Send security alerts by email to:, the security alerts generated by msec are sent by local e-mail to the security administrator named in the nearby field. You can enter either a local user or a complete e-mail address (the local e-mail and the e-mail manager must be set accordingly). Finally, you can receive the security alerts directly on your desktop. Check the relevant box to enable it.

It is strongly advisable to enable the security alerts option in order to immediately inform the security administrator of possible security problems. If not, the administrator will have to regularly check the log files available in /var/log/security.

Security options:

Creating a customised level is not the only way to customise the computer security; it is also possible to use the tabs presented hereafter to change any option you want. The current configuration for msec is stored in /etc/security/msec/security.conf. This file contains the current security level name and the list of all the modifications made to the options.
System security tab

This tab shows all the security options in the left-hand column, a description in the centre column, and their current values in the right-hand column.

To modify an option, double click on it and a new window appears (see screenshot below). It displays the option name, a short description, the current and default values, and a drop-down list where the new value can be selected. Click on the OK button to validate the choice.

When leaving msecgui, do not forget to save your configuration permanently using the menu File -> Save the configuration. If you have changed the settings, msecgui allows you to preview the changes before saving them.
Network profile

This tab displays all the network options and works like the previous tab.
Periodic checks tab

Periodic checks aim to inform the security administrator, by means of security alerts, of all the situations that msec considers potentially dangerous.

This tab displays all the periodic checks done by msec and their frequency if the box Enable periodic security checks is checked. Changes are made as in the previous tabs.
Exceptions tab

Sometimes alert messages are due to well-known and wanted situations. In these cases they are useless and a waste of time for the administrator. This tab lets you create as many exceptions as you want to avoid unwanted alert messages. Obviously, it is empty the first time msec is started. The screenshot below shows four exceptions.

To create an exception, click on the Add a rule button.

Select the wanted periodic check in the drop-down list called Check and then enter the Exception in the text area. Adding an exception is obviously not definitive: you can either delete it using the Delete button of the Exceptions tab or modify it with a double click.
Permissions

This tab is intended for checking and enforcing file and directory permissions.

As for security, msec has different permission levels (standard, secure, ..), which are enabled according to the chosen security level. You can create your own customised permission levels, saving them into specific files called perm.<levelname> placed into the folder /etc/security/msec/. This function is intended for power users who require a customised configuration. It is also possible to use the tab presented hereafter to change any permission you want. The current configuration is stored in /etc/security/msec/perms.conf. This file contains the list of all the modifications made to the permissions.

Default permissions are shown as a list of rules (one rule per line). On the left-hand side you can see the file or folder concerned by the rule, then the owner, then the group and then the permissions given by the rule. If, for a given rule:

- the box Enforce is not checked, msec only checks whether the permissions defined for this rule are respected and sends an alert message if not, but does not change anything.
- the box Enforce is checked, then msec will enforce the permissions at the first periodic check and overwrite them.

For this to work, the option CHECK_PERMS in the Periodic checks tab must be configured accordingly.

To create a new rule, click on the Add a rule button and fill in the fields as shown in the example below. The wildcard * is allowed in the File field. "current" means no modification.

Click on the OK button to validate the choice and, when leaving, do not forget to save your configuration permanently using the menu File -> Save the configuration. If you have changed the settings, msecgui allows you to preview the changes before saving them.

It is also possible to create or modify the rules by editing the configuration file /etc/security/msec/perms.conf.
Changes in the Permissions tab (or directly in the configuration file) are taken into account at the first periodic check (see the option CHECK_PERMS in the Periodic checks tab). If you want them to be taken into account immediately, use the msecperms command in a console with root rights. Beforehand, you can use the msecperms -p command to see which permissions will be changed by msecperms.

Do not forget that if you modify the permissions in a console or in a file manager, for a file where the box Enforce is checked in the Permissions tab, msecgui will write the old permissions back after a while, according to the configuration of the options CHECK_PERMS and CHECK_PERMS_ENFORCE in the Periodic checks tab.
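
The check-only versus Enforce behaviour of a permission rule, including the * wildcard and the "current" value, shown as an added Python example that is not msec's own code and does not read perms.conf. The names Rule, check and demo are hypothetical, the sample files are constructed in a temporary directory, and only the permission bits are handled (owner and group are left out).

```python
import glob, os, stat, tempfile
from dataclasses import dataclass

@dataclass
class Rule:                      # hypothetical stand-in for one rule line
    pattern: str                 # file path; the * wildcard is allowed
    mode: str                    # octal string, or "current" = no modification
    enforce: bool                # False: alert only, True: overwrite

def check(rules, apply=False):
    """Compare file modes with the rules; apply=False is a preview run."""
    findings = []
    for rule in rules:
        if rule.mode == "current":
            continue             # the rule leaves the permissions untouched
        wanted = int(rule.mode, 8)
        for path in sorted(glob.glob(rule.pattern)):
            if os.path.islink(path):
                continue         # never change a mode through a symlink
            found = stat.S_IMODE(os.stat(path).st_mode)
            if found == wanted:
                continue
            if not rule.enforce:
                action = "alert"         # report the deviation, change nothing
            elif apply:
                os.chmod(path, wanted)   # enforced rule: overwrite
                action = "fixed"
            else:
                action = "would fix"
            findings.append((os.path.basename(path), oct(found), oct(wanted), action))
    return findings

def demo():
    """Preview, then apply, three rules over constructed sample files."""
    with tempfile.TemporaryDirectory() as root:
        for name, mode in (("a.key", 0o644), ("b.key", 0o600),
                           ("app.log", 0o666), ("notes", 0o777)):
            path = os.path.join(root, name)
            open(path, "w").close()
            os.chmod(path, mode)
        rules = [Rule(os.path.join(root, "*.key"), "600", enforce=True),
                 Rule(os.path.join(root, "app.log"), "640", enforce=False),
                 Rule(os.path.join(root, "notes"), "current", enforce=True)]
        preview = check(rules)               # nothing is modified
        applied = check(rules, apply=True)   # enforced rules are rewritten
        final = {n: oct(stat.S_IMODE(os.stat(os.path.join(root, n)).st_mode))
                 for n in sorted(os.listdir(root))}
    return preview, applied, final

if __name__ == "__main__":
    print(demo())
```

After the second run the non-enforced file still deviates and is still reported, which is why such rules depend on the security alerts reaching the administrator.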