Re: Grsec or lids?

From: Paulo Abrantes (pcma@mega.ist.utl.pt)
Date: 12/21/02

  • Next message: Alberto Gonzalez: "Re: Grsec or lids?"
    Date: Sat, 21 Dec 2002 00:19:22 +0000
    From: Paulo Abrantes <pcma@mega.ist.utl.pt>
    To: security-discuss@linuxsecurity.com
    
    

    On Sat, 21 Dec 2002 00:49:52 +0100
    Andreas Krennmair <ak@students.htl-klu.at> wrote:

    > * Paulo Abrantes <pcma@mega.ist.utl.pt> [2002-12-18 21:12]:
    > > Both of the patches you mention are quite good, though I prefer
    > > GRSecurity. Being short and objective, is because GRSecurity
    > > includes all the features that LIDS can give you, plus a couple
    > > of other, quite interesting. Just to give an example, LIDS only
    > > detects a portscan, though with GRsecurity you can detect it and
    > > bogus the reply to make OS fingerprint more difficult (I won't
    > > say impossible).
    >
    > Bah, this is only security by obscurity. Spoofing fingerprints doesn't
    > make the system more secure.
    >

    Security by obscurity, doesn't make your system more secure, though
    in this case, this feature makes your life easier to prevent worms
    and kiddies hits on you when they're scanning through OS fingerprints.

    Still I just pointed this feature as a plus of GRsecurity, though,
    that's not the unique one, if you don't know the program I suggest
    you, not to criticise. GRsecurity also implements features has system
    tracing, user activity logging, user restriction highly configurable,
    which will probably come in hand when implementing a shell server.

    Regards to both,

    P. Abrantes

    ++++++++++++++++++++++++++++++++++++++++
            Computer Science Student @
            Instituto Superior Tecnico
               (http://www.ist.utl.pt)
     
     "A language that doesn't affect the way
    you think about programming is not worth
    knowing."
    ++++++++++++++++++++++++++++++++++++++++
    ------------------------------------------------------------------------
         To unsubscribe email security-discuss-request@linuxsecurity.com
             with "unsubscribe" in the subject of the message.