ELS - Easy Linux Security script

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,327
Location
LT, EU
ELS stands for Easy Linux Security. ELS was created by the Server Monkeys Founder, Richard Gannon, Martynas Bendorius and Wael Isa. ELS takes many of the tasks performed by our Administrators and puts it into an easy to use program for anyone to use. It is released under the GNU/GPL so it is free to use.

This program is always being improved with new features and bugfixes, so be sure to keep it up to date. If you found a bug or would like an improvement, please let us know! If you really like this program, donations are welcome!

Supported Operating Systems :
  • Red Hat Linux 9
  • Red Hat Enterprise Linux 3, 4, 5
  • Fedora Core 1, 2, 3, 4, 5 and 6
  • Fedora 7
  • CentOS 3, 4, 5
  • Debian 3.0, 3.1, 4.0
What ELS Does:
  • Install RKHunter
  • Install RKHunter Cronjob which emails a user-set email address nightly
  • Install/update APF
  • Install/update BFD
  • Install CHKROOTKIT
  • Install CHKROOTKIT Cronjob which emails a user-set email address nightly
  • Disable Telnet
  • Force SSH Protocol 2
  • Secure /tmp
  • Secure /var/tmp
  • Secure /dev/shm
  • Install/update Zend Optimizer
  • Install/update eAccelerator
  • MySQL 4.1 and 5.0 Configuration Optimization
  • Upgrade MySQL to 5.0
  • Tweak WHM Settings for security and stability
  • Configure RNDC if not already done (cPanel only)
  • Change SSH port (also configure APF as necessary)
  • Add wheel user and disable direct root login over SSH
  • Optimize MySQL tables
  • Install/update Libsafe
  • Install/update ImageMagick (from latest source)
  • Uninstall LAuS
  • Harden sysctl.conf
  • Install Chirpy's Free Exim Dictionary Attack ACL (cPanel only)
  • And more!
To install ELS, simply run the following command as root:
Code:
# wget -O installer.sh http://els.web4host.net/installer.sh; chmod +x installer.sh; sh installer.sh
Donate:
Please remember that ELS is an open source project which is supported by users like you. If you used and like ELS, we really appreciate any and all donations. All donations go towards the maintaining and development of ELS.

You can donate using PayPal here.
 
Last edited:

sullise

Verified User
Joined
Mar 4, 2004
Messages
519
Can each of the items be done seperately? The els -h output doesn't give much in the way of info on that part.
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,327
Location
LT, EU
Just do:
Code:
# els --all
And it will ask you what do you want to install/update or optimize/secure :)
 

txt3rob

Verified User
Joined
Jan 16, 2007
Messages
104
its messed my server up now i gotta try fix the apache afther telling this to install eAcellerator
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,327
Location
LT, EU
txt3rob, just comment eaccelerator line in php.ini and restart apache. What error do you get?
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
I can't run the installer as an unprivileged user.

No matter the reputation of the authors; if they want to keep that reputation they shouldn't be creating a script that requires root to even read it.

Jeff
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
Interesting ...

First they limit how it can be used, and then they publish under the GNU license, version 2.

Is that legal?

In any event, we can't use it because we charge for server setup; I'll write my own.

Thanks.

Jeff
 

djmitch

Verified User
Joined
Sep 23, 2006
Messages
6
@ jlasman, you need root acces for some server configurations, if you look in the script you can see that.

@ smtalk
Maby it's an option to for people that don't have root acces, that they can use the other optiens in the script?

I have looked at it yesterday and will try it in the weekend i think.
but what if some one chooses eaccelerator AND zend... ? is there a sort of security build for that? Because most time you get problems if you install the both.
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
smtalk:

They publish under version 2 of the GNU open source license. But they limit you to non-commercial use.

Jeff
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,327
Location
LT, EU
What are "they" ? :) This script is created by myself and one more man :) (servermonkeys founder)
 

sullise

Verified User
Joined
Mar 4, 2004
Messages
519
What are "they" ? :) This script is created by myself and one more man :) (servermonkeys founder)
In that case, YOU are limiting it to "non-commercial" use,which sort if self-defeating since we are all commercial users..lol.
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,327
Location
LT, EU
What do you mean - you're all commercial users? If you have your own server - you can use this script on it to secure your servers, like you can use DNS master2slave released under GNU/GPL v2 :)
 

sullise

Verified User
Joined
Mar 4, 2004
Messages
519
What do you mean - you're all commercial users? If you have your own server - you can use this script on it to secure your servers, like you can use DNS master2slave released under GNU/GPL v2 :)
I think what Lasman was trying to get at is this....we're webhosts..and as such "commercial users"..thus by the licensing provision of saying for "non-commecial" use only, we can't "legally" even put it on our servers.

At least, that's how I interrupt it.
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,327
Location
LT, EU
I have modified it and repackaged, we removed that statement. Sorry for that and thank you for reports.
 

GranTW

Verified User
Joined
Sep 23, 2005
Messages
135
Code:
ELS can now install RKHunter.
Proceed? (y/n): y
Downloading RKHunter...
Download Successful!
MD5 matches.
Extracting...
/usr/local/bin/els: line 986: cd: rkhunter: No such file or directory
Extraction failed.
Aborting.
Looks like it's not downloading it...

Grant
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,327
Location
LT, EU
It's downloading, found a bug :) It will be fixed in new and much better version which is coming soon (2.0.0) :) Thank you for the report.
 
Top