Comments for grsecurity
help me ... i am in confusion????
Actually... how is acl can view and even auditing without a front end??? just tell me something how to see the alert in auditing and whether this support the webmin
Re: extremely powerful and easy to configure
> Grsecurity is a great linux kernel patch
> that implements PaX protection (sort of
> like openwall)
This kind of comparison is similar to comparing a small hut to a skyscraper. Openwall's non-executable stack is a tiny subset of the full capabilities of PaX. The PaX team has recently released documentation available at pageexec.virtualave.ne... that should clear up any misconceptions regarding its design and effectiveness.
extremely powerful and easy to configure
Grsecurity is a great linux kernel patch that implements PaX protection (sort of like openwall), MAC (mandatory access control), and control of the network subsystem.
Setting up MAC with this is much easier than alternative security kits because of its auto learning feature that basically can write the acl's for you.
Try it!
Wow! Good work ! :-)
This patch is amazing in terms of security. I'm using it by default in all my systems, and it's going perfectly well. THANKS!
Re: download?
Thanks for letting me know. I'll move my dns off the company i bought the domain from.
-Brad
Re: download?
Not a problem. You deserve many thanks from a lagre
group of people.
I was just tring to help people find your tools. I'm
not sure if you know it, but earlier today your site
looked like it had disappeared. If one used the IP
address or omitted www. from the URL, the site worked
as expected. However, many people who tried
www.grsecurity.net/
got a page containing a banner saying that the domain
had been parked and the remainder of the page was
www.epilot.com/sdspart...
I don't know how wide spread the problem was, but
both URLs resolved to the same IP address, so it
looked like a name based virtual host setup to me.
Re: download?
sorry about that last post...i didn't read your comment clearly. you said exactly what i was trying to prove...haha...my apologies.
Brad
Re: download?
the webpage for the site is clearly stated in the freshmeat info for grsecurity, "www.grsecurity.net&quo... for the other comment about how it seems that i'm trying to make money...that's blatantly false, so is the "security through obscurity" claim...the patches add REAL security features to the kernel...it doesn't just change your kernel to make it different than everyone elses. Please don't post such irrelevant and inaccurate information in the future. grsecurity is open-sourced and GPL'd. I have never planned to make money off of it, nor will I in the future. I worked on it as a contribution to the open-source community, since at its conception, nothing else was available for the 2.4 kernels (and there still isn't). On a side note, grsecurity 1.8.4 will be out shortly...if you have an SMP system and would like to test it for me, please email me at spender@grsecurity.net. Thanks,
Brad
-Brad
-Brad
Re: Usage of 1.7-2.4.9 is buggy
> I'd also like to note that it would be much more useful to everyone
> involved, and would be a great courtesy to me to have bugreports
> reported directly to me at my email address
> spender@securedlinux.org, as I don't check this page often
If you go to freshmeat.net/my/prefe...,
you can request to have comments posted on your projects' pages mailed
to you.
HTH.
Grsec is amazing
This is now something I use by default on all my systems. It's totally stable and gives you that extra layer of security needed these days.
I can't recommend GrSecurity enough. It should be in the default kernel.
Tim