User: Password:
|
|
Subscribe / Log in / New account

Use grsecurity on critical machines!

Use grsecurity on critical machines!

Posted Dec 13, 2003 7:58 UTC (Sat) by penguinroar (guest, #14460)
In reply to: Use grsecurity on critical machines! by emk
Parent article: Lessons from the Debian compromise

I agree with the parent poster, its time to harden the kernel a bit to keep ahead of the crackers. I dont meen that bugs should be downplayed but to have both belt and straps is by my own opinion a good thing. There are several implementations of hardened kernels but i havent seen any broad use of them yet.

Intrusion detection is a harder nut to crack since a to vicious one will cry wolf to much. Some kind of self check of the kernel against a hash only readable and written once at boot maybe?


(Log in to post comments)

hardening the kernel

Posted Dec 13, 2003 19:16 UTC (Sat) by giraffedata (subscriber, #1954) [Link]

Some kind of self check of the kernel against a hash only readable and written once at boot maybe?

Maybe, but that wouldn't be a lesson learned from this incident. The kernel wasn't modified. (The problem is that the cracker was able to read kernel memory).


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds