I definitely agree.
xyon wrote:
down more tightly. I'd also recommend disabling loadable module support in
your kernel ;)
Also, didn't that paper on the idle scan mention that more random IPIDs
would help prevent idle scans? GrSecurity has just the feature to take
care of this. You might want to check into using some of the GRSecurity
features in the kernel. :)
HTH!
I decided to make all of my servers on hardened gentoo kernels without
loadable module support. GRSecurity has a number of great features
including /proc restrictions, memory randomization, trusted execution,
and denial of server sockets to users. The trusted execution is a very
powerful feature. "Untrusted users will not be able to execute any files
that are not in root-owned directories writable only by root."
Also, I think the Gentoo Infrastructure servers are all hardened boxes.
--
Michael Liesenfelt
University of Florida
Innovative Nuclear Space Power and Propulsion Institute
begin:vcard
fn:Michael Liesenfelt
n:Liesenfelt;Michael
org:Innovative Nuclear Space Power and Propulsion Institute;Nuclear and Radiological Engineering
adr:University of Florida;;2800 SW Archer Rd. Bldg.554;Gainesville;FL;32611-6502;US
email;internet:[EMAIL PROTECTED]
title:Student
tel;cell:954.319.2274
x-mozilla-html:FALSE
url:http://inspi.ufl.edu/mliesenf
version:2.1
end:vcard
