[Dev] [consensus][due: 2016-08-10] increasing security in Parabola, servers

André Silva emulatorman at riseup.net
Mon Aug 1 23:33:38 GMT 2016

On 08/01/2016 08:15 PM, Luke wrote:
> On 08/01/2016 07:04 PM, fauno wrote:
>> André Silva <emulatorman at riseup.net> writes:
>>> [ Unknown signature status ]
>>> On 08/01/2016 07:23 PM, André Silva wrote:
>>>>>> * Testing against all type of attacks to check our security settings is ok.
>>>>> +1. We should have someone audit the server for any vulnerabilities.
>>>> +1, i suggest use linux-libre-audit for it.
>>> In this case, since it is a server, i could create a modified version of
>>> linux-libre-lts with AUDIT support called linux-libre-lts-audit, what do
>>> you think guys?
>> what about grsec?
> grsec would probably be better for the server, but what does the audit
> kernel do? I meant literally audit it, as in run nmap and other tools to
> scan for vulnerabilities...

AUDIT support is useful for debugging, however it is disabled in default
kernels for performance reasons.

btw, grsec would probable be better for the server too. i agree about it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20160801/c8edd49b/attachment.sig>

More information about the Dev mailing list