Slashdot Mirror

← Back to Stories (view on slashdot.org)

HP To Sell Custom High-Security GNU/Linux Distro

Posted by timothy on from the what-about-settling-on-debian dept.

bc90021 writes: "CNET has this story about Hewlett Packard's new secure version of Linux. Using 2.4.2, it can supposedly detect attacks as they happen. (At $3,000, I think it should counter-attack, too.) It will be available on HP servers (duh), or on servers that pass the RedHat 7.1 server qualification tests."

5 of 227 comments (clear)

  1. HP-LX by MikeCamel · · Score: 5, Informative
    A search on HP's site yields a training course which has been available for around a month. The name of the product seems to be "HP-LX".

    Here are some of the issues listed on the page:

    • secure administration model
    • lockdown
    • process containment (compartmentalization)
    • file system protection (MAC)
    • auditing.
    So I presume that these will all be central to the new product. It seems fairly sensible - and it will be interesting to find out the details of exactly what they've implemented, and how.

  2. Kernel Component of Secure Linux is Under GPL by Bruce+Perens · · Score: 5, Informative

    I am announcing this product in an hour. Shankland loves to jump the gun.

    The kernel component of HP Secure Linux is under the GPL license. All of the other Linux security vendors currently hide their security mods to the kernel in binary-only modules, IMO abusing the modules exception to the kernel. HP would rather not play games of getting around the GPL. The user-mode component of Secure Linux is not GPL-ed, but we understand that given the kernel drivers, programmers can roll their own.

    Thanks

    Bruce

    --
    Bruce Perens.
    1. Re:Kernel Component of Secure Linux is Under GPL by bhsx · · Score: 2, Informative

      You sir, are a fool. Yes, he works for HP. He is Bruce Perens... the REAL Bruce Perens, idiot.
      But for the uninformed who may be thinking the same thing as this fool, here are a few links to a clue, please drop a quarter in the slot...

      http://linuxtoday.com/stories/4179.html

      http://slashdot.org/interviews/99/07/30/2220240. sh tml

      http://lwn.net/1998/1119/Trojan.html

      http://www.linuxdevices.com/news/NS8872688150.ht ml

      http://embedded.linuxjournal.com/advertising/pre ss /perens.php?sid=17

      and finally... you should probably check this last one out...

      http://www.hp.com/products1/linux/news_events/pr es s_releases/perens.html

      That last one is the HP announcement titled "Bruce Perens, Open Source advocate, joins hp".

      --
      put the what in the where?
  3. Counter-Attack this FUD by Psarchasm · · Score: 2, Informative

    Your DHCP server detects a buffer-overflow
    Uhh... okay... thats a real bright design.

    then passes the appropriate counter-measure information to your mail server. The mail server hacks the machine, shuts down the offending process, and patches the TCP/IP stack with one that DOESN'T have raw socket access.
    Hmm more bright design. Why not just turn my web server into a honeypot while I'm at it.

    SOMEONE has been reading too-fucking-much Steve Gibson. WindowsXP has 0 to do with this. So not only is this post off subject its complete FUD. Take a look here for a more enlightened view of XP and a realistic view of Gibson's worthless RANTs on XP and its access to raw sockets.

    If the 5 this comment rated was for FUD I wouldn't even need to be posting this. Pfft.

    --
    http://windows.scares.us
  4. docs on HP website by patmfitz · · Score: 2, Informative
    There's no concise product brief yet, but the following might answer some questions.