Re: cracked? "rm uses obsolete (PF_INET,SOCK_PACKET)"
On 15 Jun 2003 at 10:36, Noah Meyerhans wrote:
> In terms of protecting against breakin, it seems like a lot of people
> here have been advocating the grsecurity kernel patch. I have no
> experience with it, but the list of features certainly makes it sound
> like it will protect against some of the frequently exploited classes
> of bugs. Certainly not all of them, though. The best thing you can
> do to keep your machine secure is to simply pay attention to what's on
> it and to the potential intrusion vectors that exist. If you can
> minimize those, you don't even need grsecurity. (Though there's
> nothing wrong with a little paranoia, especially now that you've
> already experienced a breakin.)
Some features like overflow-protection make grsecurity really
interesting, I think. Need to look into that one further in a while.
Using all of grsecurity's features is surely not necessary. But it's
amazing what "switch it on and you're secure"-features you get (e.g.
overflow protection, which makes it REALLY interesting for me).
Stefan
Reply to: