Firewall Wizards mailing list archives

Re: chroot useful?


From: Rick Murphy <rmurphy () itm-inst com>
Date: Mon, 17 Nov 1997 06:01:34 -0500

At 07:12 PM 16/11/97 +1100, Darren Reed wrote:
Why not ask them.  Many claim to run "hardened" versions of 
BSD or LINUX.  Vulnerabilities and exploits are well publicized, 
and many of the developers read these lists.   I doubt many
are going to be so arrogant as to take a NIH approach to something
Marcus has contributed to the state of the technology ;-)

The problem with this "hardening" claim is that there's usually no
detail to back up what the hardening really is. Some tighten down the
IP stack (adding spoof detection, additional alarming). Some tighten
down the OS environment (fixing known bugs, removing unnecessary programs
and removing suid bits where appropriate). Some do both.
Neither of these is IMHO a "hardened OS" environment - what MJR and others
are talking about, however, is a lot closer to "hardened". You're changing
the operation of the underlying OS to disallow some forms of attack.

I only know the details of a couple of firewall products well enough to
say that the "hardened OS" really isn't - are there any products that
actually dip down into the kernel and make changes to the overall
environment to make the system less vulnerable to attack?
        -Rick


