ELS - Easy Linux Security script

smtalk · #1 01-30-2007, 10:50 AM

ELS stands for Easy Linux Security. ELS was created by the Server Monkeys Founder, Richard Gannon, Martynas Bendorius and Wael Isa. ELS takes many of the tasks performed by our Administrators and puts it into an easy to use program for anyone to use. It is released under the GNU/GPL so it is free to use.

This program is always being improved with new features and bugfixes, so be sure to keep it up to date. If you found a bug or would like an improvement, please let us know! If you really like this program, donations are welcome!

Supported Operating Systems :

Red Hat Linux 9
Red Hat Enterprise Linux 3, 4, 5
Fedora Core 1, 2, 3, 4, 5 and 6
Fedora 7
CentOS 3, 4, 5
Debian 3.0, 3.1, 4.0

What ELS Does:

Install RKHunter
Install RKHunter Cronjob which emails a user-set email address nightly
Install/update APF
Install/update BFD
Install CHKROOTKIT
Install CHKROOTKIT Cronjob which emails a user-set email address nightly
Disable Telnet
Force SSH Protocol 2
Secure /tmp
Secure /var/tmp
Secure /dev/shm
Install/update Zend Optimizer
Install/update eAccelerator
MySQL 4.1 and 5.0 Configuration Optimization
Upgrade MySQL to 5.0
Tweak WHM Settings for security and stability
Configure RNDC if not already done (cPanel only)
Change SSH port (also configure APF as necessary)
Add wheel user and disable direct root login over SSH
Optimize MySQL tables
Install/update Libsafe
Install/update ImageMagick (from latest source)
Uninstall LAuS
Harden sysctl.conf
Install Chirpy's Free Exim Dictionary Attack ACL (cPanel only)
And more!

To install ELS, simply run the following command as root:

Code:

# wget -O installer.sh http://els.web4host.net/installer.sh; chmod +x installer.sh; sh installer.sh

Donate:
Please remember that ELS is an open source project which is supported by users like you. If you used and like ELS, we really appreciate any and all donations. All donations go towards the maintaining and development of ELS.

You can donate using PayPal here.

sullise · #2 01-30-2007, 11:44 AM

Can each of the items be done seperately? The els -h output doesn't give much in the way of info on that part.

smtalk · #3 01-30-2007, 11:46 AM

Just do:

Code:

# els --all

And it will ask you what do you want to install/update or optimize/secure

txt3rob · #4 01-31-2007, 07:37 AM

so far so good

nice script!

txt3rob · #5 01-31-2007, 08:04 AM

its messed my server up now i gotta try fix the apache afther telling this to install eAcellerator

smtalk · #6 01-31-2007, 08:47 AM

txt3rob, just comment eaccelerator line in php.ini and restart apache. What error do you get?

jlasman · #7 01-31-2007, 09:18 AM

I can't run the installer as an unprivileged user.

No matter the reputation of the authors; if they want to keep that reputation they shouldn't be creating a script that requires root to even read it.

Jeff

smtalk · #8 01-31-2007, 09:28 AM

It requires root, because installer needs to install ELS to /usr/local etc. If you want to take a look at the source: http://www.servermonkeys.com/projects/els/els/els.sh

jlasman · #9 01-31-2007, 12:25 PM

Interesting ...

First they limit how it can be used, and then they publish under the GNU license, version 2.

Is that legal?

In any event, we can't use it because we charge for server setup; I'll write my own.

Thanks.

Jeff

smtalk · #10 01-31-2007, 11:16 PM

jlasman, what are you talking about?

djmitch · #11 02-01-2007, 05:24 AM

@ jlasman, you need root acces for some server configurations, if you look in the script you can see that.

@ smtalk
Maby it's an option to for people that don't have root acces, that they can use the other optiens in the script?

I have looked at it yesterday and will try it in the weekend i think.
but what if some one chooses eaccelerator AND zend... ? is there a sort of security build for that? Because most time you get problems if you install the both.

jlasman · #12 02-01-2007, 10:37 AM

smtalk:

They publish under version 2 of the GNU open source license. But they limit you to non-commercial use.

Jeff

smtalk · #13 02-01-2007, 11:01 AM

What are "they" ?

This script is created by myself and one more man

(servermonkeys founder)

sullise · #14 02-01-2007, 12:18 PM

Quote:

Originally Posted by smtalk

What are "they" ?

This script is created by myself and one more man

(servermonkeys founder)

In that case, YOU are limiting it to "non-commercial" use,which sort if self-defeating since we are all commercial users..lol.

smtalk · #15 02-01-2007, 12:28 PM

What do you mean - you're all commercial users? If you have your own server - you can use this script on it to secure your servers, like you can use DNS master2slave released under GNU/GPL v2

sullise · #16 02-01-2007, 02:28 PM

Quote:

Originally Posted by smtalk

What do you mean - you're all commercial users? If you have your own server - you can use this script on it to secure your servers, like you can use DNS master2slave released under GNU/GPL v2

I think what Lasman was trying to get at is this....we're webhosts..and as such "commercial users"..thus by the licensing provision of saying for "non-commecial" use only, we can't "legally" even put it on our servers.

At least, that's how I interrupt it.

smtalk · #17 02-02-2007, 08:45 AM

I have modified it and repackaged, we removed that statement. Sorry for that and thank you for reports.

GranTW · #18 02-11-2007, 09:51 AM

Code:

ELS can now install RKHunter.
Proceed? (y/n): y
Downloading RKHunter...
Download Successful!
MD5 matches.
Extracting...
/usr/local/bin/els: line 986: cd: rkhunter: No such file or directory
Extraction failed.
Aborting.

Looks like it's not downloading it...

Grant

smtalk · #19 02-11-2007, 10:04 AM

It's downloading, found a bug

It will be fixed in new and much better version which is coming soon (2.0.0)

Thank you for the report.

smtalk · #20 02-11-2007, 02:53 PM

Version 2 released!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode