Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Trustix, a Worthy Contender? 107

Linux.com (also owned by OSTG) is running a quick look at Trustix, a Linux distro designed for servers that focuses on ground up security and stability. From the article: "No operating system can claim to be completely secure. There will always be zero-day exploits, configurations errors, user errors, and other factors that can defeat the best security for any system. On the other hand, it's always good to start from a secure base and then add more security. Trustix provides a reliable and secure Linux distribution that you can build upon. There are no wasteful graphical displays and no wizards to set up your firewall. If you aren't comfortable with the command line, forget about Trustix. [...] That said, Trustix does a good job of keeping your system up-to-date, and if you have the required experience, you'll find that it's a robust distro. As a simple server distro with a high level of security and customizability, Trustix is a worthy contender."
This discussion has been archived. No new comments can be posted.

Trustix, a Worthy Contender?

Comments Filter:
  • Benefits? (Score:1, Insightful)

    by Doytch ( 950946 )
    Umm, I'd rather pick some other distros that are known for stable secure server platforms that have been around and tested than some new one that continues the string of terrible linux distro names.
    • Re:Benefits? (Score:5, Informative)

      by g0sub ( 582599 ) on Wednesday March 29, 2006 @05:03PM (#15021216)
      Yup, this is especially valid since Trustix has been around since the late 90's.
    • Re:Benefits? (Score:2, Interesting)

      by Svet-Am ( 413146 )
      I've been using a Trustix box since the 1.1 release, so I guess that's about 4 years now. I recommend it to people all the time, but no one ever goes for for the same reasons as this parent poster makes their ignorant statement: brand recognition. Trustix, out of the box, is oodles more secure and "safe" than a Fedora or SuSE or BSD box. But, because people haven't really heard of it, they pass it by. Their loss, I suppose -- makes downloading the new ISO easier for me since few folks are grabbing them.


    • As far as trusting only trusted distributions go, I don't see anyone mentioning the NSA's version LinuxSE.

      Did they screw the pooch or is this a big secret?


      • As far as I know the NSA never released their own distribution. They have however released source to their SELinux (Security Enhanced Linux) project which is an ACL implementation that Redhat, Debian, Gentoo and perhaps a few others use.
  • soo.... (Score:1, Interesting)

    by grub ( 11606 )

    ... It's an OpenBSD [openbsd.org] wannabee without the proven track record?
  • Chop shop (Score:5, Funny)

    by Anonymous Coward on Wednesday March 29, 2006 @04:57PM (#15021161)
    " Linux.com (also owned by OSTG) is running a quick look at Trustix, a Linux distro designed for servers that focuses on ground up security and stability."

    I'm sorry. I like my security and stability in one piece. Thanks.
  • by gbulmash ( 688770 ) * <.moc.oohay. .ta. .suomaf_imes.> on Wednesday March 29, 2006 @05:08PM (#15021268) Homepage Journal
    Has anyone done a comparison or testing of a "ground-up" secured Linux like Trustix with a linux hardener like Bastille [bastille-linux.org]? It would be interesting to see what the advantages/disadvantages of each are.

    - Greg

    • by r00t ( 33219 ) on Thursday March 30, 2006 @01:06AM (#15024105) Journal
      Fedora Core 5 does the job if you ask it to.

      First, install the x86_64 version. This provides accurate memory permissions and more bits for address space randomization.

      Enable the strict SE-Linux policy, or the MLS policy if you want military-style levels. (the default policy is "targeted", which is still better than the "off" setting)

      During the install, or afterward via the setsebool command, change a few settings if not done already. Enable the policy that prohibits executing from files that are not specially marked, that were written to, or could be written to. Disable the app compatibility hacks.
    • And comparing with OWL (Openwall Linux) as well. http://www.openwall.com/Owl/ [openwall.com]
  • well... (Score:2, Funny)

    by idiotdevel ( 654397 )
    the name certainly bought my trust
  • It would have been nice if the article went into a little more depth on what Trustix does differently to make it more secure/stable than something like a server install of Ubuntu or Debian, instead of spending a good chunk of the article on the installation and telling us how to do a system upgrade. But then again, I suppose it was a quick look at Trustix.
    • As a Trustix User... (Score:3, Informative)

      by vwjeff ( 709903 )
      Disclaimer: I am not a Trustix employee but do believe in using the best tool for the job. For example, I am writing this from a new iMac (which I love.)

      I use Trustix on my servers because it is designed specifically for servers. Unlike other distros, Trustix is completely CLI and bloat is minimal. By default, a base system is installed (basic GNU Utilities, and sshd.) The default config files for any installed service were created with security in mind. For example, sshd does not allow root login. A
      • When you say that sshd by default disallows root login, I just wanted to ask a clarifying question. Does it still allow you to log in as a regular user and then sudo (or sudo -s, if such things are kosher according to your rules) in order to do necessary maintenance activities? I'm just thinking in terms of installing it on a totally headless machine for which there wasn't a local console at all, and all admin tasks were done over SSH. As long as you could sudo, this would be fine, but if you couldn't, or h
        • SSH does not have any control over what you can or cannot do after you are logged into the shell. So, the answer to your question is, "of course"!

          robert
          • I'm aware of this; the question was really not of SSH but of Trustix's default policies. If root login via SSH is disabled, the ability for a normal user to sudo and become root-like could also have been disabled (by not adding them to sudoers by default); the advantage being that there would be no way to remote-root the system, all nontrivial changes would need to be made locally by default. However from a remote-administration standpoint this would really suck, and it would make setting up a totally headl
        • When you say that sshd by default disallows root login, I just wanted to ask a clarifying question. Does it still allow you to log in as a regular user and then sudo (or sudo -s, if such things are kosher according to your rules) in order to do necessary maintenance activities?

          All my servers are headless but I needed console access to do the install. There are two reasons this is needed.

          1. sshd does not start by default on boot. You have to enable it (chkconfig sshd on)
          2. In order to do administration t
          • Great, this is exactly the answer I was looking for. So you really need local console access in order to set it up for headless operation.

            For some reason I thought that the sshd daemon was running by default, I realize now that the person who said that just meant that sshd was installed, but not running, by default.

            Thanks.
    • I used TSL (Trustix Secure Linux) 2.2 and 3.0 on various servers for some time. I liked where it was heading and how it provided a nice stable platform. I liked it's clean policy, and while not being as 'legacy' as Debian for using old versions, wasn't the first to jump on the bandwagon. I also liked that it didn't manage to link everything with the X libraries (*cough* RedHat *cough*)

      What I didn't like was the upgrade path issues. Debian, for example was a breeze to do major upgrades of the distributio
  • by daeg ( 828071 )
    Distributions are open source. Why develop yet another distribution rather than build upon the security of existing OSes? Why not develop a fork of a more popular--and known--distribution and opt not to package it with X, etc? I'm sure almost any of the distributions out there would welcome additional developers that focus on security and stability.
    • trustix is a pre-fedora redhat knockoff. version 2.x used the old RHL config and package loader screens from the RH7.x days.
    • Trustix is by no way a new distribution. They've been around end of the nineties. Last time I checked their page (a year ago prolly) they announced to go more commercial with the next major release. Don't know why they didn't get more exposed, the idea (server OS w/o desktop ballast) has it's merits.
    • Trustix is based on an older RedHat. They forked and made their own product. Trustix, to me, is what RHEL _SHOULD_ be. It's a SERVER distro, and that focus shows. Over the years, it has evolved into its own distro, and is even more obvious with the 3.0 release.

      A minimal install +SSH is ~100 meg. MEGs. Nothing extra, unless you want it installed.

      In short, they did what you were advocating.
  • Ummm (Score:3, Insightful)

    by Reality Master 101 ( 179095 ) <RealityMaster101&gmail,com> on Wednesday March 29, 2006 @05:25PM (#15021395) Homepage Journal
    Trustix provides a reliable and secure Linux distribution that you can build upon. There are no wasteful graphical displays and no wizards to set up your firewall. If you aren't comfortable with the command line, forget about Trustix.

    I'm all for the command line, and in fact like the flexibility of the command line, set-up files, etc.

    But there's no doubt that with flexibility comes a lot of responsibility. And if you put responsibility in the hands of humans, then there will be an error somewhere along the way. If you want reliable security, not just potential security, it's a lot better to be able to just click the checkbox next to 'FTP' on a firewall dialogue than have to slog through iptable entries.

    Sounds like these guys have the wrong philosophy. A server built for security makes sure that dumb administrators can't mess it up.

    • a server for security makes sure dumb admins never get near it.
    • I'm all for the command line, and in fact like the flexibility of the command line, set-up files, etc.

      But there's no doubt that with flexibility comes a lot of responsibility. And if you put responsibility in the hands of humans, then there will be an error somewhere along the way.

      I could not agree with you more so far. I'd just like to point out that ultimately all matters of security are up to flawed human beings.

      If you want reliable security, not just potential security, it's a lot better

      • In reality, you're not trusting the machine; you're trusting the OS developers. Who says they know more about what's "secure" than you do?

        And you're also trusting the iptable developers (or whatever firewall system you're using). Do you audit the code to make sure it does what it's supposed to do? Based on your philosophy, everyone should modify the TCP/IP stack source code to "make sure" security is implemented correctly.

        Security does not come through pain and torment. Security comes through simple mis

    • But there's no doubt that with flexibility comes a lot of responsibility.

      On the other hand, there is no doubt at all that putting a layer of eye candy application between the administrator and the actual configuration adds risk and obscures what is going on.

      Thanks, but I'll take the command line over menu-driven configuration tools for any configuration issue that might touch on security (which is essentially all of them, isn't it?)

      I expect security tools designed to make it easy for the mousketeers to prod
    • Just cause your server has no gui, doesn't mean you have to slog through iptables entries. That's what your workstation is for. Anyways, you shouldn't be on your server building things and trying stuff out you'll break something for sure that way.
    • Your problem is the dumb administrator. Fix that.
    • I'm not an expert but I've used Trustix a lot in the past. What I like about it is that trustix leaves all but the most important services off by default, and then allows the administrator to start and install only what is needed. Rather than a server built for dumb administrators, it is built for administrators who don't want to have to go through the tedious task of disabling everything he/she doesn't use just to harden a server for production.

      What i've used it for most in the past is running a simple

  • "If you aren't comfortable with the command line, forget about Trustix"

    So this product is designed to be used by a tiny portion of the market. A portion so small that there is really no glory to be gained by hacking it. Even if one did crack it, you wouldn't get a fleet of bot nets out of it. Even if you do crack it, there isn't likely going to be a wealth of ransomable data on it. Nope, it is just some linux nut trying to be hard core about security. So.... Why bother trying?

    It's all about the cost/benefit
    • I've always found the "there aren't many computers running ______ around, so they don't get exploits developed for them at nearly the (normalized) rate that other OSes do" argument to be a little shaky. I understand that zombie nets make a surprising amount of money (given enough computers involved) for the cr(h)ackers, but I'd think the challenge of breaking [into] a system would be more of a draw than the money for many people.

      On the other hand, maybe we're having zombie nets continu
  • by -noefordeg- ( 697342 ) on Wednesday March 29, 2006 @05:53PM (#15021617)
    But there has been major changes in the company behind Trustix as of lately. It was originally developed and maintained by several hard working people in the Comodo branch in Trondheim, Norway (E.Midttun, O.Viggen, C.H.Toldnes).
    Then not so long ago, I saw one of the workers at Comodo carrying several computers from their office. Turned out that everyone had been laid off and the Norwegian branch was closed down.
    At the same time this happened and for some time there was no information given about the status of Trustix:
    http://www.mail-archive.com/tsl-discuss@lists.trus tix.org/msg03396.html [mail-archive.com]

    We still have a few servers running Trustix, but are currently moving over to other distributions.
    • All of this is one of the reasons I switched the few servers I have over to OpenBSD. Trustix was nice, especially if you are used to the Linux SysV way as opposed to the evil that is BSD's rc system. :-)
    • Yeah. The outlook is bleak and there is no information from Comodo (who now owns the distro after they bought Trustix a few years ago).
      Noticed on the homepages of the former core developers that they are in fact using Ubuntu today. That really says a lot to me.

      Unless Comodo issues some statment I would consider Trustix dead. It's sad, as I've used the distro for over 6 years and come to love it quite pationately. Even invested a lot of free time providing/taking free support on their mailing list. Starting
  • Anybody else find it funny that the Trustix website has their own Apache default page?

    From trustix.net:

    If you can see this, it means that the installation of the Trustix operating system and the Apache web server software on this system was successful. You may now add content to this directory and replace this page. Seeing this instead of the website you expected?

    This page is here because the site administrator has changed the configuration of this web server. Please contact the person responsible for m

  • by jd ( 1658 ) <imipak@ya[ ].com ['hoo' in gap]> on Wednesday March 29, 2006 @06:07PM (#15021728) Homepage Journal
    It has been around for a while, and I've not heard anything particularly bad about it. Not heard anything exceptionally good, either. One of the problems with security is that there are so many different kinds. The flavours that seem to be popular are:


    • Security of the host against intrusion (eg: OpenBSD)
    • Security of the host against usability attacks
    • Security of the contents against a user (eg: Trusted Irix)


    On top of that, you have several methods of ensuring that the software is correct. The methods that are popular are:


    • Correct bugs as they are discovered (eg: Linux)
    • Aggressively audit for bugs (eg: OpenBSD)
    • Implement the software from a correct design (eg: Gemini)


    Trustix does some of the auditing of OpenBSD, I believe, which is good. However, no auditing method will ever produce provable security. It can only ever produce probable security.


    Linux (and so presumably Trustix) has various role-based mandatory access control systems, which provide a vastly higher level of protection against malicious use by someone already on the system. However, none of the mechanisms I am aware of provide mandatory access controls for packets or memory allocations. I am also very unclear if they provide additional security for shared memory or shared resources (using the P9000 filing system). As far as I know, OpenMOSIX and bproc have no mandatory access control support, so if you migrate a process, the rights do NOT migrate with it. (Also, if one node in a cluster has MAC, it should be impossible for threads to migrate from that to a non-MAC node, although the reverse should work, as MAC restrictions can be added but should not be removable outside of the established mechanism for doing so.)


    MAC only appears on a very limited number of *BSDs, and most of those have vanished without a trace. SecureBSD and TrustedBSD are not exactly household names, and even those seemed to be limited to the narrow range of controls that SELinux supports. AFAIK, no other of the Open Source BSDs support mandatory access controls at all.


    Note: MAC clusters would be wonderful for public server farms, as they would be a lot simpler and a lot safer than any of the other popular methods used.


    Trusted computing and encryption often go hand-in-hand, but driver support for either is abysmal in the kernel. The number of trusted computing accelerators supported by Linux is feeble, and there's only one (RSA) crypto chip, even though many many others exist - and there's even specs and Open Source support for them. Why publicly specced devices aren't making it into Linux is beyond me, as that is the chief complaint of Linux driver developers. The way to reinforce that specs are good is to reward those who publish them. The way to reinforce that Linux doesn't matter is to have no impact.


    (A good example is the Motorola S1 chip, for which the complete manual has been online for a long long time.)


    Ultimately, until an Open Source system can beat the pants off an ancient closed-source system like Gemini, we've no business calling anything we have "secure" in any absolute sense. In a relative sense, most Open Source systems are infinitely more secure than any comparable system, but that only goes so far. It's about time we bit the bullet and gatecrashed the turf that has so far been reserved for the most secure of military systems.

    • "none of the mechanisms I am aware of provide mandatory access controls for packets or memory allocations"

      SE Linux does that. Normally people would rather handle gigabit networking and run obsolete apps, but you can enable the protection if you want it. Fedora Core 5 even has a couple ready-made settings for the memory-related stuff.

      Want the full power of the 2.6.16 kernel and a recent toolchain? See how you like this:

      You may only execute files that are specially marked. (to mark them requires privile

  • ... and the name of this one made me hopeful for a second, but it isn't.

    In theory, using a Trusted Platform Module (TPM) allows you to configure a system so that encryption keys can be bound to a particular system state. I'd like to be able to use this for fairly high-security systems like, say, CAs, or RADIUS auth servers, etc., but I'll never have the time to do it myself.

    The idea is that as pieces of software are loaded, they're fed to the TPM, which hashed them into a Program Control Register. The

  • I installed the both the "stable" and unstable version of this distribution last year and none of them worked... well all of them fucked my MBR (and I installed many other distributions, I'm not that stupid), so yeah I won't even try again.
  • I've used just about every major package management system out there: yum, up2date, apt, portage, grimoire (the one from Sorcerer), and swup. I'm far more impressed with swup than I've ever been with anything else, apt included. I've been using Trustix for about 6 years now and I've never been disappointed with it. The solid, single command line executable aspect of it (swup --install, swup --search-[file|package|etc.]) compared to the variety of apt's executables (apt-get, apt-cache, etc.) reduce the co
  • I think people who made this creature were thinking along these lines: Let's make a distro that so few people use, that no hacker in conscious mind would even attempt to break into system that is running it. Seriously, what makes this distro different from, let's say, properly configured debian without X?
  • http://www.trustix.org/ [trustix.org]
    http://www.trustix.org/installation/index.php [trustix.org]
    http://www.trustix.net/ [trustix.net]
    http://www.trustix.net/installation/index.php [trustix.net]

    Forbidden

    You don't have permission to access /installation/index.php on this server.
    Apache/2.0.55 (Trustix Secure Linux/Linux) PHP/4.4.2 Server at www.trustix.net Port 80

    WOW! Now that is secure.

    At least you can reach this site, which looks awfully commercial-style with no community.

    http://www.trustix.com/ [trustix.com]

  • I am but a clueless n00b, but could somebody explain to me why this is any better than anything else?

    It strikes me like anybody who is competent enough to use and maintain a secure Trustix distribution would be equally qualified to maintain a secure, say, RHEL 4 distro. RHEL 4 is also not burdened by a GUI, and supports SElinux. I'm sure you can also install Ubuntu without X, and I know you can for many other distros.

    So, if you have the qualifications, why use Trustix? And if you don't, wouldn't a more user
    • In my case (implementing a support server for the company I work at), I needed a Linux distro that would give me more or less what I needed right out of the box without too much fuss.

      My first inclination was to try CentOS, but the machine I was attempting to install it on had a bad CD-ROM, which meant that most of the packages I tried to load got corrupted. I also had previously used Red Hat (before they did the Fedora/RHEL split) and disliked the fact that they tended to hook everything into X wherever pos
      • Other distributions I considered briefly before installing Trustix were: ...
        Gentoo -- I nearly went this way, since I now run a Gentoo server and like the ease of updates, but I did not have the time or resources on hand to do a complete install from source. Plus the machine is a bit slow...


        I had begun building servers some time ago with Gentoo. It was not a pleasurable experience. Bugs in portage (yes portage itself) eventually crept in and royally messed the entire package database. It took a significa
  • "On the other hand, it's always good to start from a secure base and then add more security."

    Hell no. Security makes sense up to a certain level. A system's security can be increased into unusability. What could be more secure than a server which you need to dive into the Mariana trench, disarm the motion sensor embedded hydrogen bomb linked to the server, break through concrete and provide connectivity to that server? It's secure but unusable. A healthy balance is required.
  • by Zebra_X ( 13249 )
    *Clap*

    10 Years later someone brings OpenBSD's philosophy to the Linux world.
  • Yawn.

    Another supposedly "secure" distro with no differentiator between it and anything else other than someone turned on settings already there.

    Wake me up when they do something that CHANGES Linux and ALL the OTHER distros stand up and take note.

A triangle which has an angle of 135 degrees is called an obscene triangle.

Working...