Hardened Linux / News: Recent posts

Hacking on the HL project was a lot of fun (and of course a LOT of work) and we learned a lot while playing with the code and thinking about improvements. The code is still available on the repository.

Thank you for trying HL!
The HL Developers

Radu Buda made a cool new website. And of course, we are in a winter break.

Today I uploaded 1.7.0-snapshot. The most important change is the new package system called 'cpfos'.

Today Radu Buda joined the Hardened Linux project. He will work on the new project website. Welcome to the project!

The next snapshot version we will load up is nearly done ;-) (See changelog for details)

Here is some non hardened linux news.

Today our new german linux book was released. It is the 2nd release of the book called
"Linux. Das distributionsunabhaengige Handbuch."! (look here: http://linux-openbook.de/site/index.php?id=58\)

But that is not all! You can download it for free on http://www.galileocomputing.de/openbook/linux/

We also created a website for our books and articles only that can be found here:
http://linux-openbook.de... read more

I think about releasing version 1.7.0-snapshot next month (=november).

Want to contribute to the HL project? This is your chance! If you want to become a developer, send an eMail to steffen (at) ploetner-it (dot) de.

Today I finished the base coding part of the Hardened Linux package/ports system 'pkgtools'.

Since this morning ports are available (including auto-download and md5sum comparing of needed archives).

And since a few minutes the package updating tool is also available what uses the encrypted svn connection to check for updates and to download packages.

New ports functionality:
http://cdpdrorg.blogspot.com/2007/08/hardened-linux-pkgtools-now-with-ports.html... read more

I already ported 20 of our packages to the new package system. It will take at least additional 20-50 to build an usefull running 1.7.0 base system but this does not hurt too much.

We hope to bring you 1.[78]-snapshot soon.

We just uploaded a new 1.6.6-snapshot (called 1.6.6-2). It is the old 1.6.6 snapshot version but with current packages. The most important difference maybe is that the kernel now includes the ne2k_pci driver what hopefully should fix network problems with qemu.

From the Changelog:

This just an updated version of the 1.6.6-snapshot release. This release includes our current packages (gcc-4.2, glibc-2.5, kernel 2.6.21.3 and
different other package updates). Nothing else has changed.... read more

After the start of the development of a new installer (yesterday), we now started the development of a new package system.

We've just added the section "HL in the press" that will collect all news about the HL operating system. If you know about news not listed there, feel free to tell us about that.

We've just began to start the development of a completely new (slackware independend) and OpenBSD-like text-console based installer (without any ncurses parts) for the Hardened Linux operating systems. If you like the one of OpenBSD, you maybe will like this one too.

Georgy has just added the Hardened Linux RSS feed on our website (including all SVN repository commits) provided by cia.vc.

http://cia.vc/stats/project/hardenedlinux/.rss

Good news: There are now 1000 downloads of our files since 2006-12-03 20:40. This includes 867 downloads of our snapshot ISO files and 133 downloads of the md5sum files. Our next target are 1000 downloads of the ISO files.

Don't forget that this is not some kind of tool, that we provide. It is a whole operating system, that is especially designed for firewalls and security solutions. You do not install such a system every day and of course you do not install a snapshot-version of it every day.
It is a great news for us all and we will keep up the great work.

Different packages were updated. The documentation package now includes html files instead of a pdf file. This release also includes permission fixes in the binutils package and a 2.6.20.10 kernel.

Updated/Improved packages:

aaa_hl_htmldoc, cpio, dialog, etc, kernel, pkgtools, sysklogd, sysvinit, sysvinit-scripts, bc, binutils, strace, readline.

Removed packages:

mc (you can still install it using the slackware package).

Our documentation is now available in HTML format. You can find it here: http://hardenedlinux.sf.net/docs/

Improvements and addons are always welcome!

Hardened Linux 1.6.5-snapshot released!

Due to a change in the release plan, we have chosen to continue the work inside the 1.6.x-snapshot series.

A lot of work has been done with the packages, there are many new updates available.

Kernel based features are the update 2.6.19.7 and the support of eCryptfs.

This release contains security updates for: CVE-2007-1536

New Packages:
-added udev 108
-added libgpg-error 1.5
-added libgcrypt 1.2.4
-added keyutils 1.22
-added ecryptfs utilities 12 in extra/
-added bin86 (including as86 and ld86)... read more

We are looking for developers who want to contribute to our Project.

You can find more information here:

https://sourceforge.net/people/?group_id=182308

We didn't plan to release a new 1.6.x-snapshot, but we did it nevertheless because of so many changes.

This release does _not_ include the micecatch webinterface and the slackpkg software because we still work on this parts and plan to release them with 1.7.0-snapshot. Some features of micecatch are already working fine but most features are still missed or under heavy development. The slackpkg system seems to work fine on our development package server but the server does not provide official security updates at the moment. This was the most important reason not to add the slackpkg package in this version. The 2nd one was, that a new version of slackpkg was just released and we still include the old one.... read more

I think it's time for a new news entry and time to tell you what we did within the last time.

The first big change is that slackpkg is now modified a bit to work under hardened linux. The package mirror is still a development mirror that misses most packages (only unverse/ and exra/ are available) but we will change this with the 1.9.0 or so.

The 2nd big step is that lots of work were done on the micecatch webinterface that is still under heavy development and that still misses around 80-90% of its features (including a design ...).... read more

Since sf.net shell service is down I'm unable to update the changelog on the Hardened Linux website. I now use the news function to inform you about our changes.

The original slackware package for the netcat programm (nc) is now replaced by the hardened version of HL.

Also the dnsmasq package was added to have an DHCP server. This was needed because ISC dhcpd does not work.

The gradm tool was updated from v. 2.1.9 to 2.1.10 and iptables now includes the gr-security stealthy module patch.... read more

We just released Hardened Linux version 1.6.3. This release does not include many changes and will be the last 1.6.x release. We now start working on version 1.7.0!

This releas includes a new alpha-version package called aaa_hl_pdfdoc that includes the pdf documentation of Hardened Linux. The kernel was also updated from 2.6.18.5 to 2.6.19.2 including the latest grsec kernel patch. All 'universe' packages were removed from the ISO and will be available with slackpkg in coming releases. We removed some unneded packages and upgraded some existing ones -- nothing special.... read more

I just counted more than 500 downloads of our iso image files on sourceforge.net.

BTW. We plan to release a 1.6.3 snapshot within the next 1-2 weeks. This new version will not include many changes but it will be the last 1.6.x version since we now want to start working on 1.7.0 (including the optional webinterface).