Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Linux
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Securing Fedora Core 4

from [Joachim Schipper] Network Security [Permanent Link]
Subject: Re: Securing Fedora Core 4
Date: Sat, 24 Sep 2005 22:37:49 +0200 
AragonX a ?crit :


<quote who="Cocobu">



A good idea is patching the kernel with grsecurity
(http://www.grsecurity.net/)

Just my 2 cent.
  



That's the 2nd time I've heard that package suggested.  I checked out the
web site and it looks very powerful.  How easy is it to configure and
understand?

My major problem with SELinux was that it was so complex, I couldn't see
everything it was doing easily.  That made it a not so good security tool
for me because I just had to trust that it was doing the right job and
doing it well...


On Fri, Sep 23, 2005 at 02:58:39PM -1000, Cocobu wrote:

There is a quickstart paper on installing and configuring grsecurity 
(http://www.grsecurity.net/quickstart.pdf)


GrSecurity has the very powerful advantage of working well without
ACLs/MAC.  There is a MAC subsystem, to be sure, but what I like most is
the randomization of all and sundry and the hardened chroot() jails.

MAC is complex, difficult to set up, very nonportable and not very
UNIX-like. Chroot() works just fine.

Additionally, the grsecurity patch contains the important kernel
security patches when/if required, and tracks the new kernel pretty well
(though it's a little behind right now).

                Joachim
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Securing Fedora Core 4, Fco. Jose Garrido Matamoros
Next by Date:  Re: Securing Fedora Core 4, Glynn Clements
Previous by Thread:  Re: Securing Fedora Core 4, Cocobu
Next by Thread:  Re: Securing Fedora Core 4, Ryan Cummings
Indexes:  [Date] [Thread] [Top] [All Lists]