Re: Grsec or lids?

From: Andreas Krennmair (
Date: 12/21/02

  • Next message: Alberto Gonzalez: "Re: Grsec or lids?"
    Date: Sat, 21 Dec 2002 00:49:52 +0100
    From: Andreas Krennmair <>

    * Paulo Abrantes <> [2002-12-18 21:12]:
    > Both of the patches you mention are quite good, though I prefer
    > GRSecurity. Being short and objective, is because GRSecurity
    > includes all the features that LIDS can give you, plus a couple
    > of other, quite interesting. Just to give an example, LIDS only
    > detects a portscan, though with GRsecurity you can detect it and
    > bogus the reply to make OS fingerprint more difficult (I won't
    > say impossible).

    Bah, this is only security by obscurity. Spoofing fingerprints doesn't
    make the system more secure.

    If the original poster is interested in serious security, I'd suggest to
    have a look at systrace for Linux:

    It's simple, it's effective, and you have to think about security
    policies. Without security policies "security" doesn't exist.

    A while ago, I added privilege elevation to systrace for Linux, but it
    is based on an old patch with less features (i.e. it doesn't have
    argument rewriting):

    Andreas Krennmair

    Andreas Krennmair <>
         To unsubscribe email
             with "unsubscribe" in the subject of the message.