* Paulo Abrantes <pcma@mega.ist.utl.pt> [2002-12-18 21:12]: > Both of the patches you mention are quite good, though I prefer > GRSecurity. Being short and objective, is because GRSecurity > includes all the features that LIDS can give you, plus a couple > of other, quite interesting. Just to give an example, LIDS only > detects a portscan, though with GRsecurity you can detect it and > bogus the reply to make OS fingerprint more difficult (I won't > say impossible). Bah, this is only security by obscurity. Spoofing fingerprints doesn't make the system more secure. If the original poster is interested in serious security, I'd suggest to have a look at systrace for Linux: http://www.citi.umich.edu/u/provos/systrace/linux.html It's simple, it's effective, and you have to think about security policies. Without security policies "security" doesn't exist. A while ago, I added privilege elevation to systrace for Linux, but it is based on an old patch with less features (i.e. it doesn't have argument rewriting): http://synflood.at/systrace/ Regards, Andreas Krennmair -- Andreas Krennmair <ak@students.htl-klu.at> ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.