Host Security Application of the Year

jeremy · 12-31-2007, 04:06 PM

We broke Security Application of the Year into Network and Host this year (yes, some are borderline).

--jeremy

jlgreer1 · 12-31-2007, 07:40 PM

There must be something wrong with the poll setup. There is no option to vote. The current results are all zero. Are we waiting for Iowa?

Jeff

rickh · 12-31-2007, 09:05 PM

Pretty hard to choose between chkrootkit and rkhunter ... Doesn't everybody run both?

vermaden · 01-01-2008, 02:07 PM

I aould also add GRsecurity: http://www.grsecurity.net

Electro · 01-03-2008, 04:39 AM

Not to be mean but it seems you just throw them in with out asking your self what is this program/project is for and how it works. There are a few that do not fit. The utilities chkrootkit and rkhunter do not fit. They are scanning programs like anti-virus scanners. AIDE and Tripwire are file monitors. BASTILLE and grsecurity are hardening projects. SELinux and AppArmor are program security projects.

You could change the title of this poll to Application Security of the Year and list only SELinux and AppArmor.

People will be using a combination of projects to secure their computer or server. I think grsecurity, SELinux, AIDE, and both chkrootkit and rkhunter will be my choices to security protect a computer from an attack. The paranoid desktop users might use BASILLE, SELinux, AIDE for the basics of securing their system

vermaden · 01-03-2008, 06:02 AM

You may also include ProPolice: http://www.x.org/wiki/ProPolice used for example in Hardened Gentoo.

jeremy · 01-03-2008, 08:09 AM

This year we broke the "Security" poll into Host-based and Network-based. I'd say chkrootkit and rkhunter certainly fit into the Host-based category.

--jeremy

Electro · 01-03-2008, 04:58 PM

Quote:

Originally Posted by jeremy

This year we broke the "Security" poll into Host-based and Network-based. I'd say chkrootkit and rkhunter certainly fit into the Host-based category.

--jeremy

You are wrong. They are maintenance utilities. They are similar to clamav.

I am not going to vote in this poll because it is not smart poll. It is better to convert the poll into check boxes instead of radio buttons.

jlgreer1 · 01-04-2008, 12:42 PM

We can now actually vote!

Thanks Jeremy.

Jeff

sxw123 · 01-07-2008, 07:47 PM

Quote:

Originally Posted by Electro

Not to be mean but it seems you just throw them in with out asking your self what is this program/project is for and how it works. There are a few that do not fit. The utilities chkrootkit and rkhunter do not fit. They are scanning programs like anti-virus scanners. AIDE and Tripwire are file monitors. BASTILLE and grsecurity are hardening projects. SELinux and AppArmor are program security projects.

You could change the title of this poll to Application Security of the Year and list only SELinux and AppArmor.

People will be using a combination of projects to secure their computer or server. I think grsecurity, SELinux, AIDE, and both chkrootkit and rkhunter will be my choices to security protect a computer from an attack. The paranoid desktop users might use BASILLE, SELinux, AIDE for the basics of securing their system

Totally agree with Electro on this. Utilities versus Host security, two completely different things.

SCerovec · 01-09-2008, 11:44 AM

I'm all confused, didn't use neither too.
no vote for this from me...

unSpawn · 01-15-2008, 01:10 PM

While it's a disparate group boycotting the poll seems somewhat like shooting the messenger. I voted SELinux (I can't obviously vote RKH) because compared to the rest (and you know I like GRSecurity and applaud Gentoo for supplying stock GRSec-enabled kernels) it's currently the only sustained effort across distributions that has a Real Life impact on practical host security and I applaud those that have taken the lead in this.

SCerovec · 01-16-2008, 10:23 AM

Quote:

Originally Posted by unSpawn

While it's a disparate group boycotting the poll seems somewhat like shooting the messenger. I voted SELinux (I can't obviously vote RKH) because compared to the rest (and you know I like GRSecurity and applaud Gentoo for supplying stock GRSec-enabled kernels) it's currently the only sustained effort across distributions that has a Real Life impact on practical host security and I applaud those that have taken the lead in this.

It makes sense, i put my vote to SElinux too,
not that I use it, but it's most common and makes a difference.

jantman · 01-27-2008, 01:02 AM

Maybe one more little addition (for next year?).

As much as people overlook it... denyhosts! If you have good passwords it's not vital, but sure does stop those dictionary-based SSH attacks.