The options/programs I have found that help with this are:
Snort or OSSEC
From my current reading, I believe that one can either run SELinux or AppArmour, running both is either not possible, or not normal practice.
AppArmor is a powerful program and, when an application is confined, AppArmor can restrict the activity of even the root user. AppArmor was designed as an alternative to SELinux and is designed to be easier to use.
Reading this, I am thinking AppArmour may be the better decision as the entire subject of system hardening is new to me, and this concept seems a simple one to comprehend.
I'm assuming that Snort or OSSEC can operate with either option, but perhaps I'm mistaken.
I realise I haven't offered much here in terms of specific questions, but I'm just trying to find my feet with the subject matter, so am looking at this from a high level right now.
But if anyone can offer any advice/direction on the subject, it'd be most appreciated.
EDIT - Just wanted to add another query. How much of an effect on speed does encrypting your entire installation make? My PC is a 2ghz, 1gb RAM box, so it's hardly a great machine, perhaps the specs aren't good enough and perhaps doing so would be overkill in any case. What is the standard way of implementing this? I know TrueCrypt can do it, but when I install Ubuntu server it offers the option of encrypting my Home directory, but the Desktop version does not, but I assume it can be done, just encrypting the Home directory seems the more practical solution (and also the Swap partition). If I did just encrypt Home/Swap, am I leaving critical areas exposed? Just some ideas/thoughts.
Again, merci beaucoup
Edited by Swerve, 17 January 2009 - 12:20 PM.