Language Selection

English French German Italian Portuguese Spanish

Enhancing kernel security with grsecurity

Filed under
HowTos

Is your server as secure as it could be? Sure, you use a firewall, mandate strong passwords, and patch regularly. You even take a proactive approach by performing security audits with tools such as nmap and Nessus. Yet you may still be vulnerable to zero-day exploits and privilege escalation attacks. If these possibilities keep you awake at night, you're not alone. The sleepless folks with the grsecurity project have developed an easy-to-use set of security enhancements to help put your fears to rest.

To say that grsecurity provides many enhancements is an understatement. There are more than 30 options to choose from after installation.

Take note that grsecurity requires the use of a vanilla kernel from www.kernel.org. The kernel source supplied by your distribution's vendor has most likely been patched beyond recognition to grsecurity. With that caveat in mind, installation is simple.

Full Story.

More in Tux Machines

LibreOffice 5, a foundation for the future

The release of the next major version of LibreOffice, the 5.0, is approaching fast. In several ways this is an unique release and I’d like to explain a bit why. Read more

Samsung Continues to Lessen Android Dependence

Samsung's partnership with members of the Linux Foundation appears to be bearing fruit. The partnership's mobile operating system -- dubbed Tizen -- is Linux-based. Samsung's initial Tizen phone rollout was rocky: The company's highly anticipated Samsung Z launch in Russia was quickly canceled last year, and the company blamed concerns about the ecosystem for the delay. Unfortunately, in many cases, ecosystem development presents a "chicken and egg" problem: Developers won't build apps until you have users, and users won't select your product until you have apps. Read more

Linux 4.2 Offers Performance Improvements For Non-Transparent Bridging

The Non-Transparent Bridge code is undergoing a big rework that has "already produced some significant performance improvements", according to its code maintainer Jon Mason. For those unfamiliar with NTB, it's described by the in-kernel documentation, "NTB (Non-Transparent Bridge) is a type of PCI-Express bridge chip that connects the separate memory systems of two computers to the same PCI-Express fabric. Existing NTB hardware supports a common feature set, including scratchpad registers, doorbell registers, and memory translation windows." Or explained simply by the Intel Xeon documentation that received the NTB support, "Non-Transparent Bridge (NTB) enables high speed connectivity between one Intel Xeon Processor-based platform to another (or other IA or non-IA platform via the PCIe interface)." Read more

Benchmarks Of 54 Different Intel/AMD Linux Systems

This week in celebrating 200,000 benchmark results in our LinuxBenchmarking.com test lab, I ran another large comparison against the latest spectrum of hardware/software in the automated performance test lab. Read more