grsecurity forums


https://forums.grsecurity.net/

Services to protect with grsecurity

https://forums.grsecurity.net/viewtopic.php?f=3&t=349

Page 1 of 1

Services to protect with grsecurity

PostPosted: Wed Mar 26, 2003 4:14 pm
by adk
Currently we are testing grsecurity on some of our machines, but are wondering what kind of services should be protected by grsecurity.

It seems clear to us that protecting system-services like apache, ssh etc makes sense, but what about a firewall-script ??

Should we set up special rules for this purpose or will disabling CAP_NET_ADMIN be enough??

Thanks for your help

PostPosted: Thu Mar 27, 2003 1:48 am
by TGKx
A strict default acl for the system, any processes that will be run by root should have their own acl, and any processes that will need more access than the default restrictive acl.

You can set your firewall script to be read only so it cant be modified.

These should be a good start.

PostPosted: Thu Mar 27, 2003 11:53 am
by spender
What I like to do is start the ACL system after all startup services have loaded. This saves you a lot of work, and allows you to set more restrictive ACLs on your daemons. Any kind of administrative tasks should not be given privileged ACLs, but rather should be done through administration mode.

-Brad
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/