msecgui

msecguiAnda bisa menjalankan alat ini dari baris perintah, dengan mengetik msecgui sebagai root. is a graphic user interface for msec that allows to configure your system security according to two approaches: Ini mengatur perilaku sistem, msec memaksakan modifikasi sistem untuk membuatnya lebih aman. It carries on periodic checks automatically on the system in order to warn you if something seems dangerous. msec menggunakan konsep "tingkat keamanan" yang bertujuan untuk mengkonfigurasi seperangkat perizinan sistem, yang bisa diaudit perubahannya atau pemaksaannya. Beberapa diantaranya disarankan oleh Mageia, tapi Anda bisa menentukan sendiri tingkat keamanan penyesuaian.

Lihat gambar di atas Tab pertama memperlihatkan peralatan keamanan berbeda dengan tombol di sebelah kanan untuk mengkonfigurasi mereka: Firewall, juga ada di MCC / Keamanan / Atur firewall pribadi Anda Update, juga ada di MCC / Manajemen Software / Update sistem Anda msec dengan beberapa informasi: hidupkan atau jangan tingkat keamanan Dasar terkonfigurasi tanggal dari pemeriksaan Rutin terakhir dan tombol untuk melihat laporan rinci dan tombol lain untuk menjalankan pemeriksaan sekarang.

Mengklik tab kedua atau tombol Konfigurasi Keamanan akan membawa ke layar yang ditunjukkan di bawah.

Tingkat keamanan: Setelah mencentang kotak Hidupkan alat MSEC, tab ini memungkinkan Anda, dengan klik ganda, memilih tingkat keamanan yang muncul kemudian dengan huruf tebal. Jika kotak tidak dicentang, tingkat « tak ada » akan diterapkan. Tingkat berikut ini tersedia: Tingkat tak ada. Tingkat ini dimaksudkan jika Anda tidak ingin menggunakan msec untuk mengendalikan keamanan sistem, dan lebih suka menyesuaikannya sendiri. Ini mematikan semua pemeriksaan keamanan dan tidak membatasi atau memaksakan pengaturan dan konfigurasi sistem. Gunakan tingkat ini hanya jika Anda mengerti apa yang dilakukan, karena sistem akan mudah diserang. Level standard. This is the default configuration when installed and is intended for casual users. It constrains several system settings and executes daily security checks which detect changes in system files, system accounts, and vulnerable directory permissions. (This level is similar to levels 2 and 3 from past msec versions). Tingkat aman. Tingkat ini dimaksudkan saat Anda ingin memastikan bahwa sistem Anda aman, belum bisa digunakan. Ini akan membatasi perizinan sistem dan menjalankan pemeriksaan lebih sering. Terlebih, akses ke sistem lebih dibatasi. (Tingkat ini serupa dengan tingkat 4 (Tinggi) dan 5 (Paranoid) di msec versi lama). Besides those levels, different task-oriented security are also provided, such as the fileserver , webserver and netbook levels. Such levels attempt to pre-configure system security according to the most common use cases. The last two levels called audit_daily and audit_weekly are not really security levels but rather tools for periodic checks only. Tingkatan ini tersimpan di etc/security/msec/level.<levelname>. Anda bisa menentukan tingkat keamanan yang Anda sesuaikan, menyimpannya ke file spesifik yang disebut level.<levelname>, tempatkan ke dalam folder etc/security/msec/. Fungsi ini dimaksudkan untuk power user yang membutuhkan konfigurasi sistem yang lebih aman atau yang disesuaikan. Keep in mind that user-modified parameters take precedence over default level settings. Peringatan keamanan: If you check the box Send security alerts by email to:, the security alerts generated by msec are going to be sent by local e-mail to the security administrator named in the nearby field. You can fill either a local user or a complete e-mail address (the local e-mail and the e-mail manager must be set accordingly). At last, you can receive the security alerts directly on your desktop. Check the relevant box to enable it. It is strongly advisable to enable the security alerts option in order to immediately inform the security administrator of possible security problems. If not, the administrator will have to regularly check the logs files available in /var/log/security. Security options: Creating a customised level is not the only way to customise the computer security, it is also possible to use the tabs presented here after to change any option you want. Current configuration for msec is stored in /etc/security/msec/security.conf. This file contains the current security level name and the list of all the modifications done to the options.

This tab displays all the security options on the left side column, a description in the centre column, and their current values on the right side column. To modify an option, double click on it and a new window appears (see screenshot below). It displays the option name, a short description, the actual and default values, and a drop down list where the new value can be selected. Click on the OK button to validate the choice. Do not forget when leaving msecgui to save definitively your configuration using the menu File -> Save the configuration. If you have changed the settings, msecgui allows you to preview the changes before saving them.

This tab displays all the network options and works like the previous tab

Periodic checks aim to inform the security administrator by means of security alerts of all situations msec thinks potentially dangerous. This tab displays all the periodic checks done by msec and their frequency if the box Enable periodic security checks is checked. Changes are done like in the previous tabs.

Sometimes alert messages are due to well known and wanted situations. In these cases they are useless and wasted time for the administrator. This tab allows you to create as many exceptions as you want to avoid unwanted alert messages. It is obviously empty at the first msec start. The screenshot below shows four exceptions. To create an exception, click on the Add a rule button Select the wanted periodic check in the drop down list called Check and then, enter the Exception in the text area. Adding an exception is obviously not definitive, you can either delete it using the Delete button of the Exceptions tab or modify it with a double clicK.

This tab is intended for file and directory permissions checking and enforcement. Like for the security, msec owns different permissions levels (standard, secure, ..), they are enabled accordingly with the chosen security level. You can create your own customised permissions levels, saving them into specific files called perm.<levelname> placed into the folder etc/security/msec/ . This function is intended for power users which require a customised configuration. It is also possible to use the tab presented here after to change any permission you want. Current configuration is stored in /etc/security/msec/perms.conf. This file contains the list of all the modifications done to the permissions. Default permissions are visible as a list of rules (a rule per line). You can see on the left side, the file or folder concerned by the rule, then the owner, then the group and then the permissions given by the rule. If, for a given rule: the box Enforce is not checked, msec only checks if the defined permissions for this rule are respected and sends an alert message if not, but does not change anything. the box Enforce is checked, then msec will rule the permissions respect at the first periodic check and overwrite the permissions. For this to work, the option CHECK_PERMS in the Periodic check tab must be configured accordingly.To create a new rule, click on the Add a rule button and fill the fields as shown in the example below. The joker * is allowed in the File field. “current” means no modification. Click on the OK button to validate the choice and do not forget when leaving to save definitively your configuration using the menu File -> Save the configuration. If you have changed the settings, msecgui allows you to preview the changes before saving them. It is also possible to create or modify the rules by editing the configuration file /etc/security/msec/perms.conf. Changes in the Permission tab (or directly in the configuration file) are taken into account at the first periodic check (see the option CHECK_PERMS in the Periodic checks tab). If you want them to be taken immediately into account, use the msecperms command in a console with root rights. You can use before, the msecperms -p command to know the permissions that will be changed by msecperms. Do not forget that if you modify the permissions in a console or in a file manager, for a file where the box Enforce is checked in the Permissions tab , msecgui will write the old permissions back after a while, accordingly to the configuration of the options CHECK_PERMS and CHECK_PERMS_ENFORCE in the Periodic Checks tab .