On Sat, 19 Feb 2005 [EMAIL PROTECTED] wrote:
> On Fri, Feb 18, 2005 at 08:11:28AM -0500, Michael Stone wrote: > > On Fri, Feb 18, 2005 at 05:07:40PM +1100, [EMAIL PROTECTED] wrote: > > >I like using non-modular kernels to prevent LKMs > > > > Of course, running a non-modular kernel doesn't prevent kernel rootkits. > > yes - and I have been the victim of one of these (the 'suckit' rootkit). > But at least using non-modular kernels prevents one class of attacks... other (secure) kernel options .. http://Linux-Sec.net/Kernel some are too much for me to understand its benefits vs running generically - i usually also install libsafe in some attempt to prevent buffer overflow of apps ( if that works as advertised ) - i usually take 1 min to patch the generic kernel with openwall - i usually turn on all the security options at the end of the "make xconfig" /tmp, /proc, .. - i usually change kernel params for syncookies - do more network, system and suser hardening which i think is more important than the kernel security tweeking(addon) options ? - endless list of hardening .. how much is good enough ?? - if it's simple to understand and takes "30 seconds" to implement, it'd be a good thing to do c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]