Slashdot Mirror

← Back to Stories (view on slashdot.org)

Additional Security in the Linux Kernel?

Posted by Cliff on from the going-beyond-ugo dept.

nyx asks: "Recently, I was looking for some way to improve security on my linux boxes. I found few linux patches like grsecurity, LIDS (now also as Linux Security Module), Medusa DS9. I'm testing grsecurity (and it's ACLs) now and I'm quite satisfied with it, but I wonder, what are pros and cons of other solutions. Anybody tried them and can share his experience with us?"

2 of 300 comments (clear)

  1. Simple security improvements by maxwell+demon · · Score: 0, Flamebait
    There are a few security improvements which are easy to make:
    • Do not connect the Linux box to the Internet.

      This way you'll be safe from DoS attacks, as well as other attacks from the net.

    • Remove your floppy drive.

      Before the days of the net, floppies were the main way to spread virusses.

    • Remove the power switch.

      All measures above only protect from the danger of remote people. But by removing the power button (and therefore the possibility to turn the computer on), even people who get physically to the computer can't do anything evil with it.

    • Lock the computer away in a safe.

      All of the above measures could be circumvented with a simple screwdriver and other normal equipment. But by putting it into a good safe, you're safe from the average intruder.

    Of course this has the disadvantage that you cannot use your computer anymore. But that's the price you have to pay for security...
    --
    The Tao of math: The numbers you can count are not the real numbers.
  2. Re:Linux Conspiracy by poopbot QWZX by p_trinli · · Score: 0, Flamebait



    By taking the time to respond to it, what does that make you?