Projects / grsecurity / Comments

Comments for grsecurity

10 Oct 2003 21:06 tjh

Grsec is amazing
This is now something I use by default on all my systems. It's totally stable and gives you that extra layer of security needed these days.

I can't recommend GrSecurity enough. It should be in the default kernel.

Tim

25 Apr 2003 06:02 searchsavi

help me ... i am in confusion????
Actually... how is acl can view and even auditing without a front end??? just tell me something how to see the alert in auditing and whether this support the webmin

19 Feb 2003 12:05 spender

Re: extremely powerful and easy to configure

> Grsecurity is a great linux kernel patch
> that implements PaX protection (sort of
> like openwall)


This kind of comparison is similar to comparing a small hut to a skyscraper. Openwall's non-executable stack is a tiny subset of the full capabilities of PaX. The PaX team has recently released documentation available at http://pageexec.virtualave.net/docs/ that should clear up any misconceptions regarding its design and effectiveness.

19 Feb 2003 11:50 tgkx

extremely powerful and easy to configure

Grsecurity is a great linux kernel patch that implements PaX protection (sort of like openwall), MAC (mandatory access control), and control of the network subsystem.

Setting up MAC with this is much easier than alternative security kits because of its auto learning feature that basically can write the acl's for you.

Try it!

24 Nov 2001 10:34 TomekLutel

Wow! Good work ! :-)
This patch is amazing in terms of security. I'm using it by default in all my systems, and it's going perfectly well. THANKS!

18 Oct 2001 21:12 spender

Re: download?
Thanks for letting me know. I'll move my dns off the company i bought the domain from.

-Brad

18 Oct 2001 20:11 swae4yvr

Re: download?
Not a problem. You deserve many thanks from a lagre
group of people.

I was just tring to help people find your tools. I'm
not sure if you know it, but earlier today your site
looked like it had disappeared. If one used the IP
address or omitted www. from the URL, the site worked
as expected. However, many people who tried
http://www.grsecurity.net/
got a page containing a banner saying that the domain
had been parked and the remainder of the page was
www.epilot.com/sdspartners/homepage.asp

I don't know how wide spread the problem was, but
both URLs resolved to the same IP address, so it
looked like a name based virtual host setup to me.

18 Oct 2001 17:53 spender

Re: download?
sorry about that last post...i didn't read your comment clearly. you said exactly what i was trying to prove...haha...my apologies.

Brad

18 Oct 2001 17:52 spender

Re: download?
the webpage for the site is clearly stated in the freshmeat info for grsecurity, "http://www.grsecurity.net"...as for the other comment about how it seems that i'm trying to make money...that's blatantly false, so is the "security through obscurity" claim...the patches add REAL security features to the kernel...it doesn't just change your kernel to make it different than everyone elses. Please don't post such irrelevant and inaccurate information in the future. grsecurity is open-sourced and GPL'd. I have never planned to make money off of it, nor will I in the future. I worked on it as a contribution to the open-source community, since at its conception, nothing else was available for the 2.4 kernels (and there still isn't). On a side note, grsecurity 1.8.4 will be out shortly...if you have an SMP system and would like to test it for me, please email me at spender@grsecurity.net. Thanks,
Brad

-Brad

-Brad

27 Aug 2001 17:07 jeffcovey

Re: Usage of 1.7-2.4.9 is buggy

> I'd also like to note that it would be much more useful to everyone
> involved, and would be a great courtesy to me to have bugreports
> reported directly to me at my email address
> spender@securedlinux.org, as I don't check this page often

If you go to <a
href="http://freshmeat.net/my/preferences/">http://freshmeat.net/my/preferences/,
you can request to have comments posted on your projects' pages mailed
to you.


HTH.

Screenshot

Project Spotlight

ReciJournal

An open, cross-platform journaling program.

Screenshot

Project Spotlight

Veusz

A scientific plotting package.