|
Firewall Wizards
mailing list archives
Re: chroot useful?
From: Rick Murphy <rmurphy () itm-inst com>
Date: Mon, 17 Nov 1997 06:01:34 -0500
At 07:12 PM 16/11/97 +1100, Darren Reed wrote:
Why not ask them. Many claim to run "hardened" versions of
BSD or LINUX. Vulnerabilites and exploits are well publicized,
and many of the developers read these lists. I doubt many
are going to be so arrogant as to take a NIH approach to something
Marcus has contributed to the state of the technology ;-)
The problem with this "hardening" claim is that there's usually no
detail to back up what the hardening really is. Some tighten down the
IP stack (adding spoof detection, additional alarming). Some tighten
down the OS environment (fixing known bugs, removing unnecessary programs
and removing suid bits where appropriate). Some do both.
Neither of these are IMHO a "hardened OS" environment - what MJR and others
are talking about, however, is a lot closer to "hardened". You're changing
the operation of the underlying OS to disallow some forms of attack.
I only know the details of a couple of firewall products well enough to
say that the "hardened OS" really isn't - are there any products that
actually dip down into the kernel and make changes to the overall
environment to make the system less vulnerable to attack?
-Rick
 By Date 
By Thread
Current thread:
- Re: chroot useful?, (continued)
Re: chroot useful? Marcus J. Ranum (Nov 16)
|
Intro
