Atomic Secured Linux (ASL) is a complete security solution for Linux servers. At install time it hardens the server at the kernel level and sets up firewall rules, malware and intrusion detection tools, etc. At the moment, signing up gives a 10-day free trial to test how it works. I successfully installed it on an Amazon EC2 instance that has Webmin installed, and the steps I followed are below.

  • Logged in to the server and executed the command below.

Initially I got a message that ASL could not be installed because the current kernel was not supported and was outdated, even though I am using CentOS 7.

So I ran “yum update” on the server, which updated the current kernel and many other packages. After that the ASL install started successfully.

  • Hit any key to confirm the ASL licence agreement.
  • Type “yes” at the “Do you Agree to these terms” stage.
  • In my case I have third-party repositories enabled because I am using Webmin. ASL does not recommend this at install time and asks permission to disable them, so type “yes” at the “Do you wish to allow ASL to disable these repos” stage.

  • ASL then tried to install the packages it needs, and in my case I got the error below.
  • From the error, I understood that the “clamd” package was preventing the update of the clamav packages, which were already installed on the server and came by default with the Webmin installation.
  • As a solution, I removed the packages below from the server and reran the ASL install.
  • ASL now successfully installed the packages it needs and displayed the ASL configuration window.

  • Update type: choose “All”
  • Update frequency: “daily”
  • ASL mode: “server”
  • Advanced database configuration: I chose “no”

  • To install the ASL database, the ASL install script needs the MySQL root login details, so type “yes” when asked to “continue”.
  • Enter MySQL root username and password in the corresponding fields.

  • Hit Enter and use default settings at “Email address for notifications”
  • Hit Enter and use default settings at “Max Email notifications per hour”
  • Hit Enter and use default settings at “Administrators”
  • Hit Enter and use default settings at “Enable ASL active response to attacks”. By default ASL will white-list our server IP address and the localhost.
  • Hit Enter and use default settings at “IP white-list”
  • Hit Enter and use default settings at “Configure ASL console Access list”
  • Hit Enter and use default settings at “Enter list of IPs to allow access to the ASL console”
  • Hit Enter and use default settings at “Configure inbound TCP firewall policy”

  • Hit Enter and use default settings at “Configure firewall outbound policy”
  • Hit Enter and use default settings at “Configure inbound UDP firewall policy”

  • Hit Enter and use default settings at “Enable AutoShun blacklist”
  • Hit Enter and use default settings at “Enable CI army blacklist”
  • Hit Enter and use default settings at “Enable DShield blacklist”
  • Hit Enter and use default settings at “Enable Emerging threats blacklist”
  • Hit Enter and use default settings at “Enable Spamhaus LASSO blacklist”
  • Hit Enter and use default settings at “Enable Spamhaus Extended LASSO blacklist”
  • Hit Enter and use default settings at “Enable openBL blacklist”
  • Hit Enter and use default settings at “Enable open proxies blacklist”
  • Hit Enter and use default settings at “Enable TOR blacklist”

  • ASL now automatically identifies which kernel we are using and whether the server is built on any kind of virtualization technology, so we have to confirm this at this stage of the ASL install.
  • Hit Enter and use default settings at “Virtualization type”
  • Hit Enter and use default settings at “Do you understand that only RPM package managed environments can be supported.”

  • Hit Enter and use default settings at “Allow run time kernel module loading”
  • Hit Enter and use default settings at “Enable PHP checks”

  • Now it is time to choose whether to use the secured kernel provided by ASL or to keep the current one. The main point to remember is that if we are using any software that is built on the kernel, such as CloudLinux, then we have to disable the install of the kernel provided by ASL.
  • In my case I am not using anything like that, so I chose “yes”.
  • Hit Enter and use default settings at “Install ASL kernel”

  • This concludes the ASL configuration step. ASL will then try to start the services it uses and will initiate the server scan automatically. We can see the scan results on the screen itself. Below are some of the screenshots for the same.

  • Hit Enter and use default settings at “Would like to scan the system for malware”. I chose no, however, because mine was a fresh server.
  • ASL has a nice web interface for managing ASL settings on the server. It can be accessed over port “30000”, so make sure this port is open in the firewall. In my case I had to white-list it in the Amazon web interface.
  • Hit any key to exit the install.
  • This concludes the ASL install on a server with minimal settings.

  • Below is a sample screenshot of the ASL web interface. Please note that the login details for the ASL interface are the same as the logins we used when signing up with them. I also remember there being an option to give the logins at the initial stage of the ASL install, but I forgot to give the details. We can always get the login details from the /etc/asl/config file, though.
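
The blockers hit during this install (an outdated kernel, enabled third-party repos, and the clamd/clamav conflict) can be checked before starting the installer. The script below is an added example, not part of the original post or ASL's own tooling; the stock repo ids in `BASE_REPOS`, the `clam*` package pattern and the script name are assumptions.

```bash
#!/bin/bash
# Added example: pre-flight checks for the install blockers described in the post.
# Usage: sh asl-preflight.sh --run   (the file name is hypothetical)

BASE_REPOS="base updates extras"   # assumption: stock CentOS 7 repo ids

# Print the ids of enabled repos defined in the .repo files under directory $1.
# A section without an "enabled=" line counts as enabled, which is yum's default.
enabled_repos() {
    cat "$1"/*.repo 2>/dev/null | awk '
        /^\[/ { if (id != "" && on) print id
                id = substr($0, 2, index($0, "]") - 2); on = 1; next }
        /^enabled[ \t]*=/ { v = tolower($0); sub(/^[^=]*=[ \t]*/, "", v)
                            on = (v ~ /^(1|yes|true)/) }
        END   { if (id != "" && on) print id }'
}

# Enabled repos that are not in BASE_REPOS; the installer asks to disable these.
third_party_repos() {
    enabled_repos "$1" | while read -r id; do
        case " $BASE_REPOS " in
            *" $id "*) ;;
            *) echo "$id" ;;
        esac
    done
}

# Filter package names on stdin down to clamd/clamav ones (assumed pattern).
clam_packages() { grep -E '^clam(av|d)' || true; }

# yum check-update exits with 100 when an update is available.
kernel_update_pending() {
    rc=0
    yum -q check-update kernel >/dev/null 2>&1 || rc=$?
    [ "$rc" -eq 100 ]
}

preflight() {
    status=0
    if kernel_update_pending; then
        echo "kernel update pending: run 'yum update' first"; status=1
    fi
    repos=$(third_party_repos /etc/yum.repos.d | tr '\n' ' ')
    [ -z "$repos" ] || echo "third-party repos enabled: $repos"
    pkgs=$(rpm -qa --qf '%{NAME}\n' | clam_packages | tr '\n' ' ')
    if [ -n "$pkgs" ]; then echo "ClamAV packages present: $pkgs"; status=1; fi
    return "$status"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

A non-zero exit from `--run` means a kernel update or a ClamAV package would likely stop the installer, as happened in the walkthrough above.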