|[Lxasecurity] Re: linux security [message #77 is a reply to message #76]
||Thu, 28 July 2005 07:47
Registered: July 2006
Security is actually a lengthy process. One of the basic ways is to make sure the kernel has the security modes implemented. You can recompile the kernel with the pax patch so that the normal buffer overflow vulnerabilities are completely blocked out.|
You can install programs like samhain (COmes default with lxadmin) that can monitor the system for any file modifications. This cannot prevent hacks, but it can detect them once they happen, and it will notify you if the hacker tries to get a permanent hold on your system by modifying the system programs to create backdoors.
Whatever you do, you cannot avoid tracking all the major packages in your system for vulnerabilities. You have to make sure that the daemons/softwares in your system do not have any publicly known vulnerability, and this would mean you have to be constantly on the alert for any new vulnerabilities.
We will be publishing some detailed articles on making linux secure, and also the features that lxadmin will provide towards this.
Lxasecurity mailing list
[Updated on: Thu, 28 July 2005 08:22]
Report message to a moderator