Linux Today: Linux News On Internet Time.

LinuxSecurity.com: Build a Secure System with LIDS

Apr 25, 2000, 19:45 (0 Talkback[s])
(Other stories by Xie Huagang, Nick DeClario)

[ Thanks to Nick DeClario for this link. ]

"The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it is in installed, chosen files access, every system/network administration operation, any capability use, raw device, mem, and I/O access can be made impossible even for root. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features in the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more."

"You can download lids patch from LIDS Home and LIDS Ftp Home and other mirror of LIDS around the world, check LIDS Mirror for the nearby mirror site. The patch name will be lids-x.xx-y.y.y.tar.gz, x.xx represents the lids version and the y.y.y represents the linux kernel version."

"After you seal the kernel, your system is now protected by LIDS. You can run some tests on it. If you want to change a configuration, such as modify the capability option, you can change your LIDS security level online by providing a password."

Complete Story

Related Stories: