http://www.Linux-Sec.net Hardening-Tightening Security_Policy Hardening-HOWTO Linux Distros Distro Patches Kernel-Patches Dedicated Servers Firewalls DNS Servers Mail Servers Web Servers Turn-Off Daemons Tighten Inetd Services Top-10 Vulnerabilities Top-7 Security Mistakes Top-10 Vulnerabilities Top-20 Most Critical Vulnerability Top-10 Virus Scans/Attacks Stats Top-10 Attacks Hacked Servers One Minute Audits OpenPorts Audit AntiVirus - AntiSpam Anti-Spam Anti-Virus spam.wav Wireless [In]Security Sniffers Security Tools SSH_SSL Firewalls MailServer FileSystem VPN Port Scan Detectors IDS Tools LogFile Analysis Ethernet Monitoring Server Monitoring Tracking & Forensics Hackers Tools Audit Tools Port Scanners Hacking Tools DDOS Tools Sniffer Tools Spoof Tools Exploits & Vulnerbilities Wireless Wireless [In]Security Misc Statistics Linux/BSD Distros Links,Articles,WatchDogs Security Mailing Lists/FAQs Liability Insurance 1U Rackmount Chassis Custom-Chassis.com Linux-1U.net 1U-ITX.net ITX-Blades.net Small PC cases Mini-Box.net Wrap-Box.net Wrap-OS.net Wan-Sim.net Linux-Consulting.com Linux-CAE.net Linux-Sec.net Linux-Boot.net Linux-Backup.net Linux-Wireless.org Linux-Office.net Linux-Video.net Linux-VOIP.net Linux-Jobs.net Linux-Diff.net 1U-Raid5.net Linux-Howto.net Spam Reporting Free Linux CDs ISO9660.org Distro-CD.org Patch-CD.org Contact Linux is a registered trademark of Linus Torvalds More Linux Legalese

Kernel Hardening Minimum Kernel Hardening Protect your stack from buffer overflow exploits Kernel.org Linux Kernel Sources LinuxDoc.org Kernel-HOWTO Redhat.com Upgrading the Kernel Download, Compile and Install the latest kernel Turn off modules during kernel config/compile Turn off un-necessary kernel options during kernel config/compile Turn off /proc filesystem during kernel config/compile Apply Additional Kernel Security Enhancements Apply OWL Apply LIDS Apply libSafe Apply StackGuard or StackShield Buffer Overflow Lnux-Sec.net/Audit/Tools.sw SW tools to check for buffer overflows Subterrain.net buffer overflow tutorial Destroy.net Kernel Hardening KernelNewbies.org kernel patches SecurityPortal Zone-H.org LKM PacketStormSecurity.nl LKM Hacking l0t3k.org Runtime Kernel Kmem Hacking p-trace kernel problem iu.edu kernel archive - ptrace SinusPL.net 2-4.20 patch and ptrace exploit code Redhat.com Exec-Shield ^ ( also see debian breakin followup ) Silkurezza.org Angel CapSel LCAP prevent any further kernel modules loading LIDS Linux Intrusion Detection System HowTo.Lycos.com LIDS howto Sans.org Deploying Enhanced Kernel Security ClubLinux LIDS - Linux Intrusion Detection System TurboLinux LIDS SecurityFocus.com LIDS - 4 part articles SecureLinux.org grsecurity - ACL GRsecurity.net ( openwall for 2.4 kernels ) OpenWall OWL - stops most buffer overflow, stops /tmp race condition Debian.org Openwall w/ 2.4 Debian.org LSM - Linux Security Modules TrustedDebian.org Optusnet.com.au GrSecurity + XFS SourceForge.net Wolk - GrSecurity + XFS + others IBM.com SPP for gcc-3.x Kaladix.org HyperSec kernel Isec.pl Knox - non-executable page protection mechanism Incident-Response.org KSec - Kernel Security Checker Linux Port LockDown Network Assoc LoMac TisLabs.com LoMac - Low Water-Mark Mandatory Access Control KSTAT Kernel Security Therapy Anti-Trolls LCAP Linux Kernel Capability Remover Gentoo.org ProPolice ( GCC patch ) IBM.com SSP - stack-smashing protector ogi.edu StackGuard Immunix.org LSM - Linux Security Modules Immunix.org Stackguard - defend against stack smashing StackShield defend against stack smashing Research.AvayaLabs.com Libsafe - defend against buffer overflow ( test it ) kernel.org Linux-Privs ( Fcap ) Angelfire.com MegaBlaster - protect against buffer overflow LinSec.org MAC - Mandatory Access Control Virtualave.net Pax - defend against buffer overflow PAX.GRSecurity.net Posix ACL RSBAC.de Rule Set Based Access Control for Linux RSBAC.org TrustedDebian.org RSBAC Starzetz.com RSX - Runtime addressSpace eXtender SourceForge.net St Jude EnergyMech.net Stealth Kernel Patch ^ protect against port scans Linux Trustee TheAimsGroup.com HAP-Linux ( Hank-APproved Linux ) Encrypted File Systems Encrypted FileSystem

Copyright © 2000	Linux-Consulting	All Rights Reserved.	Updated: Thu Sep 15 17:30:56 2005 PDT