The Mandriva security package (aka msec) is a set of tools that manages the security of the system. Mandriva offers by default 6 level of security, whose name describe their efficiency:

The Mandriva security package (aka msec) is a set of tools that manages the security of the system. Mandriva offers by default 6 level of security, whose name describe their efficiency:

1. Level 0: Welcome to Crackers. This level is the least secure level and should be used with extreme caution. However, it makes the system very easy to use, and can be set if your computer is not connected to a network (Ithe Internet or a LAN); is used by only one person.
2. Level 1: Poor. Now, the system is usable by multiple users locally, but should not be used if the system is on a network (the Internet or a LAN).
3. Level 2: Low. The increased security over level 1 is that msec provides more security warnings and checks. This level is appropriate for multi-user local use.
4. Level 3: Medium. This is the recommended minimum security level for computers connected to a network. Most of the security checks are used in this level, such as checking for open ports. However, in this level, open ports are kept open and global access to them is granted, so this level, by default, is not generally good for systems connected to the internet unless you are behind a hardware firewall. This security level makes a nice base if you want to secure your system yourself by manually modifying configuration files for various services, etc. This security level is typically what most distributions use as a default (other distributions such as Red Hat or SuSE?).
5. Level 4: High. This is the recommended security level for network server systems or systems permanently connected to the internet. This level will allow connections to pre-determined servers via remote, and all locally. By default, a number of services are disabled, so as an administrator you will need to enable them by hand. The security checks msec performs are more advanced as well, as indicated by the above tables.
6. Level 5: Paranoid. This is the highest security level and it locks down the entire system. All of the security checks are enabled and the administrator will have to activate ports manually to enable services, and explicitly grant access to those services.

msec is the main script of the msec package. It enables the system administrator to change the security level for that system. msec is provided with six preconfigured security levels. These levels range from poor security and ease of use, to paranoid config, suitable for very sensitive server applications.

You must be root to run msec. Launch msec x to set you security level to x (x=[0-5]). It’ll modify your system according to security level x features. Called without argument, it will enforce the current security level without lowering security. All the changes are logged to syslog at the AUTH facility when called non interactivelly (by cron for example) or at the LOCAL1 facility when called interactivelly (on the command line or from Mandriva Linux Control Center for example). For a fine description of each security level, consult the documenta- tion under /usr/share/doc/msec-*/security.txt.