Re: Grsec or lids?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



* Paulo Abrantes <pcma@mega.ist.utl.pt> [2002-12-18 21:12]:
> Both of the patches you mention are quite good, though I prefer
> GRSecurity. Being short and objective, is because GRSecurity 
> includes all the features that LIDS can give you, plus a couple
> of other, quite interesting. Just to give an example, LIDS only
> detects a portscan, though with GRsecurity you can detect it and 
> bogus the reply to make OS fingerprint more difficult (I won't
> say impossible).

Bah, this is only security by obscurity. Spoofing fingerprints doesn't
make the system more secure.

If the original poster is interested in serious security, I'd suggest to
have a look at systrace for Linux:
http://www.citi.umich.edu/u/provos/systrace/linux.html

It's simple, it's effective, and you have to think about security
policies. Without security policies "security" doesn't exist.

A while ago, I added privilege elevation to systrace for Linux, but it
is based on an old patch with less features (i.e. it doesn't have
argument rewriting): http://synflood.at/systrace/

Regards,
Andreas Krennmair
-- 
Andreas Krennmair <ak@students.htl-klu.at>
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux