Anyone Mention Pax And Ssp Here? :) Proactive security :)
I'd like to discuss two proactive security projects, PaX and ProPolice. What these do is mitigate future security exploits down to DoS attacks, which may be appropriate for many situations; if an intrusion isn't acceptable, but the crashing of Apache/sshd/ircd/whatever is attacked is, these two technologies are perfect.
Because of their nature, i believe these are useful in 100% of home use scenarios; neither of these, when managed by the distrbutuion, pose any extra security barriers (Passwords, access restrictions, etc) to the user or system administrator, yet they both will easily deflect worms of the nature of Sasser and MSBlast that are targetted towards vulnerabilities in Linux systems. These will NOT deflect worms in the nature of ILoveYou, which are targetted at bad-by-design normal functions of software; the problem of such attacks is of the same nature of "user B saw user A's password" attacks, and cannot be detected by any method.
PaX you'll know as that weird thing that you probably didn't realize wasn't PART of grsecurity, just PACKAGED with it :D
SSP/ProPolice is another good one, does good things.
The below articles should kick this discussion off well.
I'm the major contributor of these two, although lots of help came from others' input. Big thanks to the PaX developer for technical explainations of PaX.
Now that you're introduced to the topic, anyone have anything they'd like to discuss about these?
BTW, I put the poll there because I'm curious about how many people know about and/or use these already :) You people are a good survey group. And yes, I cast my own first vote; I'm part of the survey population, although that's bad statistics.