IronBox Linux 3.0 FAQ

Go back to main page

Q: What is IronBox Linux?
A: IronBox Linux is a linux distribution based on Linux From Scratch designed for usage in high security server environments. The main goal of this specific linux distribution is to ensure a stable and secure deploy where patching and system upgrades do not depend on security bugs but on the task team schedules and the needed features of the system or the software it runs.

Q: Who should run IronBox Linux?
A: IronBox Linux is designed to run in environments where security is critical. Such environments are banking or military systems, satellite systems, casinos, online billing systems, etc... Of course, it could be used for standard envronments and relieve the technical staff of installing security patches all day long or worry about 0day exploits or attacks.

Q: Can I run it on my server?
A: Yes

Q: What is the root login/password?
A: The VmWare appliance distribution has root/root as login/passwd. You should change it as soon as possible

Q: Why all the executables and packages are linked to the usual directories like /bin, /lib, etc?
A: IronBox is not a standard linux. By having all the packages in separate directories you can restrict the entire usage of a package to an user or group of users with changing the permissions of a single directory

Q: What are the kernel sec levels at boot?
A: Each sec level has different security measures and options built into the kernel
Sec level 1 is the highest security level and is designed for boot and forget operation like remote stations or satellites where kernel patching or reinstallation may be risky or not possible. Java and other virtual memory applications will not run under this security level because of the memory protections it provides. For example, java would be tagged as an exploit and will be denied execution because of it's way to use memory.
Sec level 2 is the default security level where the system is mostly invulnerable to memory exploits. Practically all services and applications should be able to run under this security level.
Sec level 3 is a more relaxed security level and is a bit higher than any standard linux distribution. Some memory and user level protections are still in place, but most of them are disabled. Use this security level for testing or running buggy applications. In most cases, if your application does not run properly under this security level, you should fire your development team ASAP.

Q: What do these sec level numbers mean exactly?
A: Security levels have 3 numbers: X.Y.Z
X = Read the previous answer
Y = This is the way how the system handles security breach attempts. If it's 1, then any process from the user that generated the security breach attempt will be killed and this user will not be allowed to spawn more processes until the system is rebooted. If the user generating the security breach attempt has root privileges, then the system is halted. If this parameter is 0, then the process trying to generate a security breach attempt is killed and logged while the system continues working as usual.
Z = If this parameter is 0, then the system kernel will have no modules suport. If this parameter is 1, then the system kernel will be able to load modules.

Q: Is this the most up to date release?
A: No. The up to date releases are not available for public download. In any case, even not being up to date, it's probably more up to date than your current linux distribution and for sure it's more secure even not being up to date.

Q: I see an Apache and MySQL starting at bootup. Also I see them when I run ps aux as root. When I go to these directories turns out they don't exist. What's happening?
A: All the services are chrooted and isolated. Take a look at the /srv directory and feel free to call us for a consultancy

Q: I want RANDOM FEATURE included into IronBox Linux
A: Sure, call us and we can arrange a deal

Q: Can I use IronBox Linux for business critical tasks
A: Yes. Call us and we will provide you with up to date release and an affordable maintainance plan.

Q: How can I contact you?
A: Just call +34 626761061

Q: Why is this site so ugly?
A: A very polite cannibal ate our web designer.