LIDS on production server anyone??

From: Nawapong Nakjang` (tony_at_ksc.net)
Date: 07/04/03

  • Next message: Ralf Dreibrodt: "Re: LIDS on production server anyone??"
    To: <focus-linux@securityfocus.com>
    Date: Fri, 4 Jul 2003 16:55:35 +0700
    
    

    Has anyone every successfully deployed an LIDS-patched kernel on a
    production Linux server?
    Although LIDS makes the system impossible to abuse, it also makes it
    impossible to administer!
    I've created a baseline policy for init/shutdown and almost every
    services but still feel reluctant using it on a real server.

    Nawapong Nakjang
    IT Security Specialist
    Security Team, Network Operation Center
    KSC Commercial Internet Co, Ltd.
    E-Mail: tony@ksc.net

    PGP Key:

    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: PGP 8.0.2

    mQGiBD7/pu8RBADQUn8Cu8paRp3RCOjTaCSn60A+WmeWaR8rJlbVMVAwQHC+ukmK
    /NQXjrVal4m2hPN7rDdqPfzIq6+Qqxnl/ABUsC+/Vdl6cUWS2epDnNCU/zsAkvoO
    1IrVt4Onu5kazu5zQRSZzvfz6VypKz0lL95iG+zQ4N/8ySl2ulbwV4n8fwCg/0RT
    2q04ROhCKARc7v/fqGr7s8sEAKFkrIluQ893iBfu0WzWX0KwegQCPtXqIslya2Ac
    Armke/IaXWUL2bteF8WdaG5Z7BEBhw+6s7jeGIazgCCvN4a8P20o2t1lte5fQP3X
    JpBsj52ALKX+vD92KA6gTlYX+1GOd8ay4KxEbIB8EVOntHU9Q274FJDpa9GWONzF
    h9ZaBACRwgsNiBc/m1jht57fyDLG/e+kAZCUeen/hROok+1XZYluJd24hfFTFgzT
    kn7Q3cN2AM2ZuDtLBCeonyTOJKy2ynvoD/yWjIUA9dIE+XWGrgQffr4A32zjOl7/
    BdRFjRpbxrq+QCw49JPNLJWfkrRqpEJDer0dzpyxpPWnjDcRwrQfTmF3YXBvbmcg
    TmFramFuZyA8dG9ueUBrc2MubmV0PokAWAQQEQIAGAUCPv+m7wgLCQgHAwIBCgIZ
    AQUbAwAAAAAKCRCoZlyho4t6xh5jAJ9YvbrO/Db2UX4pc8CdwahP+esF2wCgjZhQ
    6uAQENGza7pNEviVAiszTyi5Ag0EPv+m7xAIAPZCV7cIfwgXcqK61qlC8wXo+VMR
    OU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf
    3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2g
    pXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPA
    Q/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQD
    GcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH
    /ioTHmSpvAE8LN4CzkVl79nI6/c4D+7lwDjWd62U0NeM05NoI0EqVooudphX1tay
    Z071bsYwVFSdXjYnbERggB4pQmXf5mqwl60PIu1dBEMPjfAj/61KVVuaWu0HBjEt
    GJj2lGbG8joUP2+RipkPV+sAPtKyynsx0WsLNCOZfWnVRA/RsEr3nUl6g3REwYE7
    lqYaN7f9183D9IXlG7ilEcBeHPAb6LyyE4PDrQum+VsbIFe1DOLHMgr786skWifO
    LlexwRRbD++MeymQxju4DsGcCTgPlfKaMsY47jr0NJZuLrJQH8Dy4fYBN9toqFwl
    9uokDDvgCnaaM+h/doIjtyiJAEwEGBECAAwFAj7/pu8FGwwAAAAACgkQqGZcoaOL
    esZdrACgyqmhGdr+kUibPDWh8sV8kcb0/QYAn0kFoPbZqHvQ92M2uAwuwVBjn1aN
    =uaiT
    -----END PGP PUBLIC KEY BLOCK-----


  • Next message: Ralf Dreibrodt: "Re: LIDS on production server anyone??"