On Sat, 21 Dec 2002 00:49:52 +0100 Andreas Krennmair <ak@students.htl-klu.at> wrote: > * Paulo Abrantes <pcma@mega.ist.utl.pt> [2002-12-18 21:12]: > > Both of the patches you mention are quite good, though I prefer > > GRSecurity. Being short and objective, is because GRSecurity > > includes all the features that LIDS can give you, plus a couple > > of other, quite interesting. Just to give an example, LIDS only > > detects a portscan, though with GRsecurity you can detect it and > > bogus the reply to make OS fingerprint more difficult (I won't > > say impossible). > > Bah, this is only security by obscurity. Spoofing fingerprints doesn't > make the system more secure. > Security by obscurity, doesn't make your system more secure, though in this case, this feature makes your life easier to prevent worms and kiddies hits on you when they're scanning through OS fingerprints. Still I just pointed this feature as a plus of GRsecurity, though, that's not the unique one, if you don't know the program I suggest you, not to criticise. GRsecurity also implements features has system tracing, user activity logging, user restriction highly configurable, which will probably come in hand when implementing a shell server. Regards to both, P. Abrantes ++++++++++++++++++++++++++++++++++++++++ Computer Science Student @ Instituto Superior Tecnico (http://www.ist.utl.pt) "A language that doesn't affect the way you think about programming is not worth knowing." ++++++++++++++++++++++++++++++++++++++++ ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.