EnGarde — Secure Linux Server

[ Tuesday, 7 August 2007, riklaunim ]


This will be an unusual review, due to the fact that the distribution under review doesn’t have an X server, and you don’t really need to login on it to work… This review is about the just released EnGarde Secure Server 3.0.16 developed by Guardian Digital company with the help of the community.

About EnGarde

EnGarde is a server oriented distribution equipped with WebTool — a web based interface for managing the system and various types of servers (HTTP, mail, FTP and many other). There are two editions of EnGarde – the free Community edition and the commercial Professional edition. EnGarde and all it components are published on the GPL license. EnGarde is available for i686 and x86_64 architectures, uses RPM packages managed by APT-GET. The package list is available on the distro web page, and as we can see most of server software is there but not all (like some python packages if we want to host, for example, a Django website). Excellent security is achieved thanks to SELinux and also good testing, and package selection. The Community edition is developed with the help of the community. Before each release community ideas and request are gathered and implemented where possible.

Off we go

We start by downloading an ISO image from one of the mirrors. We get a LiveCD EnGarde, which can run as LiveCD or can be installed onto the disk. If we install we have to register for free to get an activation code.

start systemu
Pic 1. EnGarde at start

When the system boots from the LiveCD we can use the LiveCD session to install EnGarde. The installer is very simple, curses based, and consists of a few stages, which allow us to set the partitions, network connection etc.

partycjonowanie
Pic 2. EnGarde uses a curses text based installer

pakiety
Pic 3. We can select some packages groups

WebTool

Under the URL https://[SERVER IP]:1023/ we will find the WebTool interface (EnGarde uses 192.168.10.100 by default). When we open the url in a browser we will see the login screen. Default login/password are: “admin”, and “lock&%box”.

logowanie
Pic 4. Login to WebTool

After first login we will have to set new passwords for WebTool admin and the root user. After saving them the system will reboot. Next login will open all WebTool features.

webtool
Pic 5. WebTool main page

WebTool is an advanced tool for managing the server system and it’s services. We even find a java applet that will connect us to the EnGarde IRC channel. We will also get RAM and CPU usage statistics and the main part – management of servers and system settings. We can configure servers, firewall, detect intrusions and even manage packages though the web browser.

irc webtool
Pic 6. IRC client works

usługi webtool
Pic 7. We can check working services

webtool cpu
Pic 8. And also watch resource usage

pakiety webtool
Pic 9. We can install extra packages

instalacja pakietów
Pic 10. And it even works :)

opcje
Pic 11. A long list of features

Test Details

WebTool is accessible from other computers on the network. To test this distribution on a single computer I had to use QEMU with network support. There are a dozen ways to set the network to work with the emulated system but I tested a few and not all worked. I installed vde – ethernet network emulator for QEMU and other emulators. Also the kernel has to support TUN/TAP (“tun” module or build-in; Device Drivers –> Networking support –> Universal TUN/TAP device driver support), and of course ip tables and friends. When we have all that we execute few commands:

vde_switch -tap tun -daemon
ifconfig tun 192.168.254.254
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# or if we use ppp connection
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

Now we can start the system using “vdeqemu“, and not “qemu“:

vdeqemu -hda had.img

When the Linux system starts we set some connection data:

  • IP: 192.168.254.X
  • Mask: 255.255.255.0
  • Gateway: 192.168.254.254
  • DNS: as on the host system

Full description can be found on the net. QEMU system will be available on the IP address we have given, 192.168.254.X.

Summary

EnGarde is an interesting server distribution. Compared to common SSH-only VPS servers, EnGarde VPS seems to be much easier to manage, although the admin still needs to know how all those bits and pieces work. Delivering more crucial packages would be nice. However, the overall rating is still positive.

On the web


Warning: include_once(/sites/polishlinux.org/wp-content/themes/jakilinuxorg/google_article_inside.php): failed to open stream: No such file or directory in /sites/polishlinux.org/wp-content/themes/jakilinuxorg/single.php on line 48

Warning: include_once(): Failed opening '/sites/polishlinux.org/wp-content/themes/jakilinuxorg/google_article_inside.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /sites/polishlinux.org/wp-content/themes/jakilinuxorg/single.php on line 48

Subscribe to RSS feed for this article!

1 Comment

fold this thread devnet  Tuesday, 21 August 2007 o godz. 6:51 pm #  Add karma Subtract karma  +0

I’ve tried Engarde and found it to be less than what I like or need as a home user. Therefore, I’ve used ClarkConnect since version 2.1.

I encourage you to take a look at this tool as it is similar to Engarde. I reviewed the previous 3.2 release of their fantastic product on my blog…a quick google search will get you there (I hate it when people comment with links to blog posts they’ve done)

(Comments wont nest below this level)
 
Name (required)
E-mail (required - never shown publicly)
URI

Adjust field size: shrink | enlarge)


You can use simple HTML in your comments. Some examples are as follows:
  • A hyperlink: <a href="polishlinux.org">GNU/Linux for everyone!</a>,
  • Strong text: <strong>Strong text</strong>,
  • Italic text: <em>italic text</em>,
  • Strike: <strike>strike</strike>,
  • Code: <code>printf("hello world");</code>,
  • Block quote: <blockquote>Block quote</blockquote>

About the Author

Piotr Maliński

Programmer, journalist. Creator of the CMS, Linux and PHP libraries. Arch Linux/Gentoo user. Creator of a GNU/Linux distribution based on Gentoo: Plusiaczek Live CD.

New AdTaily ads!

Are you a film buff?

film buffs community, movie recommendations and reviews

RSS: Comments

You can follow the comments to this article through a special channel RSS 2.0 .

Related articles: Linux

 more »

Related articles: Reviews

 more »

PolishLinux Top Content


Become our fan on Facebook!

PolishLinux.org on Facebook

Follow PolishLinux on Twitter!

Follow polishlinux on Twitter

Google Ads