May I start by reminding you what persuaded me to buy your product.
Ok, so I get an email saying - Great news update to 4. Click here and read the instructions.
"Easy to Use
We designed ASL so that anyone can use it and so that it works out of the box to protect your system.
ASL does not require you to be a security expert.
We built ASL so that anyone can protect their systems without any security background at all.
With ASL you can have the same level of protection that comes with a team of security experts, all wrapped up into one product."
So I did.
Copied and pasted the wget thingymajig and off we go.
This was my first problem.
Well I only ever do yum update when the asl guithingy tells me I have to, so how the duplicates got there can only be down to ASL.
** Found 7 pre-existing rpmdb problem(s), 'yum check' output follows:
asl-php-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-5.4.23-21.el6.art.x86_64
asl-php-cli-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-cli-5.4.23-21.el6.art.x86_64
asl-php-common-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-common-5.4.23-21.el6.art.x86_64
asl-php-gd-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-gd-5.4.23-21.el6.art.x86_64
asl-php-mysqlnd-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-mysqlnd-5.4.23-21.el6.art.x86_64
asl-php-pdo-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-pdo-5.4.23-21.el6.art.x86_64
asl-php-process-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-process-5.4.23-21.el6.art.x86_64
Error: Could not install ASL
After a great deal of searching I discovered I can delete the duplicates. Scary but I did rpm -e and off we go again.
Autoshun, well I just don't know, should I, shouldn't I, default is no and I should go with default but I like the sound of this so I will give it a try.
Luckily here I had read on the page I clicked from the email that I should say yes to this. So I did after hitting default 3 times and then hitting ctrl C and starting the whole install process again 3 times. Teach me to be so fast.
* AutoShun: AutoShun is a community sourced blacklist from the Snort IDS.
* C.I. Army: Collective Intelligence blacklist is a community blacklist of known malicious actors.
* Dshield: A community based firewall log correlation system.
* Emerging Threats: Russian Business Network (RBN) blacklist
* Lasso: Spamhaus DROP list for known spam controlled address space.
* ELasso: Extended Spamhaus DROP list for known spam controlled address space.
* OpenBL: OpenBL tracks multiple service abuse, including ssh, ftp, smtp, and http.
* OpenProxies: Known Open Proxy server blacklist.
* TOR: The Onion Router exit node list.
Enable AutoShun blacklist (yes/no) [Default: no] ?
Enable C.I. Army blacklist (yes/no) [Default: no] ?
Enable Dshield blacklist (yes/no) [Default: no] ?
Enable Emerging Threats blacklist (yes/no) [Default: no] ?
Enable Spamhaus LASSO blacklist (yes/no) [Default: no] ?
Enable Spamhaus Extended LASSO blacklist (yes/no) [Default: no] ?
Enable OpenBL blacklist (yes/no) [Default: no] ?
Enable Open Proxies blacklist (yes/no) [Default: no] ?
Enable TOR blacklist (yes/no) [Default: no] ?
Would you like to re-install the ASL database? (y/n) [Default: n]: y
I am just so not sure about how to set up other users, I know I should but I am just not confident.
Administration
Administrative users (other than root) will be permitted to SSH into
the system, and use privileged functions. Defining administrative users
will disable root logins, and disable password based authentication, if
those users have installed SSH keys.
Ok I am NOT sure again, do I need to add the ones that I had added in ASL3 again or will it do it automatically? I really am confused.
Current Whitelist
IP Whitelist (separated by whitespace) [Default: none]:
SCARY! .. better say no to the Kernel stuff
Kernel Settings
ASL allows you to disable kernel module loading after the system
has booted. This prevents an intruder from loading kernel modules,
such as LKM (Loadable Kernel Module) rootkits, into the running system.
Loading kernel modules is disabled by default.
Allow run-time kernel module loading? (yes/no) [Default: no ]:
Oh more scary .. better say no.
Ok you got me now .. I have no clue what to do.
PHP Settings
ASL can check php configuration settings for high risk functions,
and other configuration settings.
I know I will run yum update .. that might help.
Errors were encountered:
L CODE SOURCE MESSAGE
- ---- ----------------------------- ------------------------------------------
2 9901 ASLCommon::cmd_system ERROR: '/bin/rpm --quiet -q kmod-xtables-a
ddons (1)'
2
The ASL kernel includes extensive advanced security features including
* Real-time malware detection
* Active kernel intrusion prevention
* Advanced firewall capabilities
Downloading Packages:
(1/17): bigloo-libs-3.3a-4.el6.art.x86_64.rpm | 12 MB 00:03
(2/17): ipset-6.11-1.el6.art.x86_64.rpm | 61 kB 00:00
(3/17): iwl1000-firmware-39.31.5.1-28.el6.art.noarch.rpm | 205 kB 00:00
(4/17): iwl3945-firmware-15.32.2.9-28.el6.art.noarch.rpm | 80 kB 00:00
(5/17): iwl4965-firmware-228.61.2.24-28.el6.art.noarch.rpm | 93 kB 00:00
(6/17): iwl5000-firmware-8.83.5.1_1-28.el6.art.noarch.rpm | 286 kB 00:00
(7/17): iwl5150-firmware-8.24.2.2-28.el6.art.noarch.rpm | 138 kB 00:00
(8/17): iwl6000-firmware-9.221.4.1-28.el6.art.noarch.rpm | 159 kB 00:00
(9/17): iwl6050-firmware-41.28.5.1-28.el6.art.noarch.rpm | 235 kB 00:00
(10/17): kernel-firmware-3.2.46-53.art.x86_64.rpm | 1.1 MB 00:01
(11/17): kernel-headers-3.2.55-63.art.x86_64.rpm | 893 kB 00:01
(12/17): libertas-usb8388-firmware-20130607-28.git2892af0.el6.art.noar | 105 kB 00:00
(13/17): linux-firmware-20131001-33.gitb8ac7c7e.el6.noarch.rpm | 20 MB 00:02
(14/17): psa-proftpd-1.3.4d-5.el6.art.x86_64.rpm | 2.0 MB 00:01
(15/17): psa-proftpd-xinetd-1.3.4d-5.el6.art.x86_64.rpm | 12 kB 00:00
(16/17): roadsend-php-libs-2.9.8-10.5.el6.art.x86_64.rpm | 1.8 MB 00:01
(17/17): tortix-release-0.4-1.el6.art.noarch.rpm | 5.8 kB 00:00
----------------------------------------------------------------------------------------------
Total 1.4 MB/s | 39 MB 00:27
Running rpm_check_debug
Running Transaction Test
Looking good ..
Oh No.
I guess I broke it.
Transaction Check Error:
file /lib/firmware/isci/isci_firmware.bin conflicts between attempted installs of kernel-firmware-1:3.2.46-53.art.x86_64 and linux-firmware-20131001-33.gitb8ac7c7e.el6.noarch
Now what ??
I broke it again and I am so scared of it and very confused.
"We designed ASL so that anyone can use it and so that it works out of the box to protect your system. "
I am left unsure if what I have done is right, if my system is safe.
And I am even scared to ask on the forum as you all know what you are talking about.
I am mentally distressed that "We designed ASL so that anyone can use it and so that it works out of the box to protect your system. " does not apply to me.
Please please tell me what I have to do to fix my server.
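
The duplicate pairs reported by 'yum check' in the post can be listed for review before anything is removed with rpm -e. This Python script is an added example, not part of the original post and not ASL's or yum's own code: it parses lines in that format and reports the older package of each pair. The function names are hypothetical, and the version comparison is a simplified stand-in for RPM's own ordering (no epoch, '~' or '^' handling).

```python
import re

# Constructed sample: lines in the format of the 'yum check' output in the post.
SAMPLE = """\
** Found 7 pre-existing rpmdb problem(s), 'yum check' output follows:
asl-php-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-5.4.23-21.el6.art.x86_64
asl-php-cli-5.4.24-22.el6.art.x86_64 is a duplicate with asl-php-cli-5.4.23-21.el6.art.x86_64
"""

DUP_RE = re.compile(r"^(\S+) is a duplicate with (\S+)$")


def split_nvra(pkg):
    """Split name-version-release.arch; names may themselves contain '-'."""
    nvr, arch = pkg.rsplit(".", 1)
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release, arch


def segments(s):
    """Break a version string into numeric and alphabetic runs."""
    return [int(t) if t.isdigit() else t for t in re.findall(r"\d+|[A-Za-z]+", s)]


def vercmp(a, b):
    """Simplified comparison (assumption: no epoch, '~' or '^' handling)."""
    sa, sb = segments(a), segments(b)
    for x, y in zip(sa, sb):
        if type(x) is not type(y):
            return 1 if isinstance(x, int) else -1  # numeric run beats alphabetic
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def older_duplicates(text):
    """Return the older package of each duplicate pair, in input order."""
    older = []
    for line in text.splitlines():
        m = DUP_RE.match(line.strip())
        if not m:
            continue  # header lines, errors, anything else
        a, b = m.groups()
        na, va, ra, aa = split_nvra(a)
        nb, vb, rb, ab = split_nvra(b)
        if (na, aa) != (nb, ab):
            continue  # different package or arch: leave for manual review
        order = vercmp(va, vb) or vercmp(ra, rb)
        if order:
            older.append(b if order > 0 else a)
    return older
```

Feeding it the saved output of 'yum check' gives a list to compare against 'rpm -q' before deciding what to remove.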