Chapter 1. Getting Started with EnGarde Secure Linux

EnGarde Secure Linux is a complete package of open source Internet services designed to take the work and uncertainty out of setting up and maintaining a highly secure Internet presence. A server-only system, EnGarde Secure Linux begins with secure default settings across-the-board and boots initially with all but a few critical services disabled, allowing you to select and run only the services you will actually use. Configuration and management of EnGarde is handled securely and remotely using Guardian Digital's custom-designed WebTool browser-based administration utility. Updates and security patches are easily applied through WebTool, via a secure connection to the Guardian Digital Secure Network (GDSN). Drawing on the combined resources of Guardian Digital's professional security team and the open source security community, EnGarde Secure Linux builds security layer-upon-layer, beginning with a comprehensive set of security policies that control access to every process and service, and including state-of-the-art open source host and network intrusion detection, along with security-aware system logging and encryption of critical communications. EnGarde Secure Linux offers all of the services needed to safely offer both public Internet services and essential local services, from Web and mail services to FTP, DNS, and DHCP. Other services can be added by drawing on a vast collection of open source software packages, many of which have been packaged by Guardian Digital for installation using WebTool. All of EnGarde's services are managed seamlessly from anywhere through Guardian Digital's custom browser-based WebTool administration utility.

This Guided Tour will take you through installing and configuring some of EnGarde's essential services, including Web, mail and FTP, pausing occasionally to point out how EnGarde helps you maintain a secure environment. When you are finished, you will have set up and configured an Apache Web server, a Postfix mail server, a vsftpd FTP server and will be able to manage them from a remote PC's browser using the Guardian Digital WebTool administration utility.

1.1. The Basics

EnGarde Secure Linux creates a server-only environment that uses standard open source tools to build a secure online presence. Because EnGarde uses its own custom system management tool, Guardian Digitals WebTool, for all configuration and system management tasks, you will not need to use any command-line tools to use EnGarde. However, to use the services that EnGarde provides such as Web, SMTP, DNS and FTP you will need a working knowledge of the basic administration of these services. A basic knowledge of sound security practices will also be helpful. Even though EnGarde, through WebTool, enforces security and guides you in maintaining secure configurations, a basic understanding of security tools and policies will help you understand the security policies WebTool enforces. For example when it requires you to specify user and IP address access when enabling services like FTP.