
Re: What is the best free HIDS for Debian

On 08.05.2022 20:48, Michael Lazin wrote:
SELinux was made by the NSA but it is open source, anyone can review the
source code, this is part of what makes open source software reliable,
it gets seen by many eyes, and even if you don’t review every line
of code yourself you have a web of trust that someone has reviewed it,
and it is strengthened by key signing which is more common in the
Debian community.  Thank you.

Michael Lazin

If you talk about SELinux, then let me talk about the times when AppArmor was not a default component to be installed, when I was creating and sharing AppArmor profiles to keep this technology supported. Sure, I have also read into SELinux. It can offer a better level of security, but it is more difficult to create profiles for it. The thing about rkhunter, as I came to know it, was that it can only detect known rootkits. So who is adding NSA rootkits then? I am sure the NSA knows how to prevent this. It would be nice to know about the circle of people who add rootkit descriptions/detection code. Anyway, if they have written the software, they will always know about the quirks and intricacies to avoid detection when it comes time for them to deploy their own rootkits.
