Fort Knox for Linux
General Information
  Project Status

Sponsor of FKL

Site Hosted By:

More Information
  Project Home Page
  Mailing List

FortKnox for Linux related Links

The following are links that you may find useful in your pursuit of a more secure Linux platform. The golden rule of security is to run the least amount of services as possible while still being able to deliver the necessary system resources that your users need.

  • TSWG - This is the sponsor of the FKL program.
  • Bastille website - This is the main website for Bastille Linux, which is a hardening script for various types of unix. The FortKnox for Linux hardening and audit tool is a subset of the Bastille program.
  • Linux Security - Linux has a lot of nice resources pertaining to Linux Security. Its a good place to do a search for material about security.
  • RedHat Security - A part of RedHat's website that pertains to their distro and how to secure it.
  • SUSE security site - Novell's SUSE security site for specifics of the SUSE distro.
  • Top 75 security tools - This site has a great list of the top security tools.

US Government Agencies

Several agencies of the US Government are involved in establishing guidelines and standards related to computer security. These documents are mostly freely available. Other efforts include the publication of known vulnerabilities and the development of tools for the hardening of computer systems. See the definitions below for an expansion of some of the abbreviations and acronyms of the various agencies.

US Private Organizations

There are many private companies and non-profit organizations which provide computer security resources in the United States.

  • Immunix is a hardened version of the Linux v2.4 kernel, with access controls, buffer overflow checking and format string protection.
  • Internet Security Alliance (ISA) - This cooperative effort between Carnegie Mellon University and the Electronic Industries Alliance (EIA) aims to improve its member's management of computer security threats.
  • - A site dedicated to serving the open source community with information related to security. It is owned and maintained by Guardian Digital, Inc., who also distribute EnGarde Secure Linux.
  • Linux Security Modules - Sponsored by the DARPA, IBM, WireX, and others, this project establishes a framework for access control in the form of loadable kernel modules.
  • The SANS Institute - Established in 1989 as a research and education organization, the Institute provides a large library of research documents pertaining to computer security. It also offers training and hosts conferences on this subject. SANS is an acronym for SysAdmin, Audit, Network, Security.
  • TruSecure Corp. - This company provides security products and services. An interesting feature is the Hype or Hot section, which lists many threats and classifies them in different ways, including as hype or hoax.
  • TrustedBSD - A project which targets the Common Criteria for FreeBSD.
  • UC Davis Computer Security Laboratory - This lab is working on several security projects.


There are a number of international organizations which deal with the problem of computer security in a cooperative manner.

  • Forum of Incident Response Security Teams (FIRST) - A coalition of international government and private organizations dedicated to share information and coordinate responses to computer security threats.
  • FreeBSD Security - Provides information related to securing this operating system.
  • International Information Systems Security Certification Consortium - Also known as (ISC)2, this organization has developed international certifications for individuals working in the computer security field.
  • InterSect Alliance - A team of Australian IT security specialists providing support in the form of software and services to a variety of customers. They also offer a few open source tools.
  • Linux From Scratch - Another open source community. Although the primary focus is on providing instructions to assemble a working Linux system from source code, it has recently added a section on hardening such a system.
  • The Linux Documentation Project - Among all types of documents related to Linux, this site has a number of HOWTOs dealing with security related to the Linux operating system.
  • RFC 2196: Site Security Handbook - A memorandum by the Network Working Group of the IETF.
  • OpenBSD Security - Provides information related to securing this operating system.
  • ProPolice - An extension for the GNU C compiler to protect applications from stack-smashing or buffer overflow attacks. It was developed by IBM's labs in Japan.



Last updated on April, 2005 by Charlie Long