On 08/01/2016 08:15 PM, Luke wrote: > On 08/01/2016 07:04 PM, fauno wrote: >> André Silva <[email protected]> writes: >> >>> [ Unknown signature status ] >>> On 08/01/2016 07:23 PM, André Silva wrote: >>>>>> * Testing against all type of attacks to check our security settings is >>>>>> ok. >>>>> +1. We should have someone audit the server for any vulnerabilities. >>>> +1, i suggest use linux-libre-audit for it. >>> In this case, since it is a server, i could create a modified version of >>> linux-libre-lts with AUDIT support called linux-libre-lts-audit, what do >>> you think guys? >> what about grsec? >> > grsec would probably be better for the server, but what does the audit > kernel do? I meant literally audit it, as in run nmap and other tools to > scan for vulnerabilities...
AUDIT support is useful for debugging, however it is disabled in default kernels for performance reasons. btw, grsec would probable be better for the server too. i agree about it.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
