2005 LinuxQuestions.org Members Choice AwardsThis forum is for the 2005 LinuxQuestions.org Members Choice Awards.
You can now vote for your favorite products of 2005. This is your chance to be heard! Voting ends March 6th.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Slackware, Fedora Core, Red Hat Enterprise
Posts: 8
Rep:
Quote:
Originally Posted by glebovitz
While all of these apps serve different purposes, SELinux has done the most for me. Labeling and kernel based policy enforcement does a great job of partitioning security. I got tired of running "jails" for each service.
I agree, and I dont consider SELinux an app. Its by far the most complex technology on the list which enhances the kernel to a higher security level. Check the "Orange Book"http://www.radium.ncsc.mil/tpep/libr...00.28-STD.html, SELinux (Mandatory Access Control level) makes Linux (if well configured) far more secure than any other Windows (Discretionary Access Control) or even UNix.
I must say IPCop is badly broken / sucks. Back orifice, trace route and many other things slip past. Port scans are never logged. I can not say enoff bad things about this firewall. Run firestarter or any other firewall behind IPCop to see just how bad it is.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.