LinuxQuestions.org
2018 LinuxQuestions.org Members Choice Awards This forum is for the 2018 LinuxQuestions.org Members Choice Awards.
You can now vote for your favorite projects/products of 2018. This is your chance to be heard! Voting ends on February 12th.




View Poll Results: Host Security Application of the Year
AIDE 0 0%
AppArmor 15 31.25%
Bastille 0 0%
chkrootkit 3 6.25%
Firejail 2 4.17%
grsecurity 2 4.17%
OSSEC 1 2.08%
Rootkit Hunter 8 16.67%
Samhain 2 4.17%
SELinux 12 25.00%
Tripwire 3 6.25%
Voters: 48. You may not vote on this poll

Old 01-05-2019, 12:42 PM   #1
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,022

Rep: Reputation: 3751
Host Security Application of the Year


What's your favorite host-based security tool?

--jeremy
 
Old 01-07-2019, 12:47 AM   #2
YesItsMe
Member
 
Registered: Oct 2014
Distribution: Gentoo
Posts: 561

Rep: Reputation: 210
grsecurity. I don't trust NSA's SELinux.
 
Old 01-10-2019, 08:13 AM   #3
mward2015
LQ Newbie
 
Registered: Jun 2017
Posts: 25

Rep: Reputation: Disabled
AppArmor because NSA's SELinux is really hard to properly set up,
most likely it has been made so confusing on purpose
so that regular people would find it really hard to set up a secure system,
much to NSA's delight
 
Old 01-12-2019, 01:07 PM   #4
teresaejunior
Member
 
Registered: Jan 2013
Location: /home
Distribution: Xubuntu
Posts: 124

Rep: Reputation: 17
I really recommend people to have a look at Falco, from the Sysdig team, which is kind of an OSSEC, Snort, and strace hybrid. It had a few annoying bugs when I tried it months ago, though (which I reported and were fixed).

Rules are based on sysdig, and very simple to write. For example, log/email if a process other than skype/webex tries to access the camera:

Code:
# Match openat as well as open: current C libraries implement open() via the openat syscall.
- rule: access_camera
  desc: a process other than skype/webex tries to access the camera
  condition: evt.type in (open, openat) and fd.name = /dev/video0 and not proc.name in (skype, webex)
  output: Unexpected process opening camera video device (command=%proc.cmdline)
  priority: WARNING
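
Added example, not part of the original post or of Falco's shipped rule set: the same check generalized with a list and a macro, so the allow list lives in one place and every /dev/video* node is covered rather than only /dev/video0. The list, macro and rule names are hypothetical.

```yaml
# Hypothetical names; adjust the allow list to the applications expected on the host.
- list: camera_allowed_procs
  items: [skype, webex]

# True for any open of a video device node (/dev/video0, /dev/video1, ...).
- macro: open_camera_device
  condition: evt.type in (open, openat) and fd.name startswith /dev/video

- rule: Unexpected camera access
  desc: A process outside the allow list opened a video device
  condition: open_camera_device and not proc.name in (camera_allowed_procs)
  output: Unexpected process opening camera (user=%user.name proc=%proc.name pid=%proc.pid device=%fd.name command=%proc.cmdline)
  priority: WARNING
  tags: [host, privacy]
```

proc.name is only the short process name, so an allow list built on it trusts whatever a binary is called; treat an alert-free log as weaker evidence than an alert.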
 
Old 01-15-2019, 01:55 PM   #5
Cyberjackal
Member
 
Registered: Aug 2013
Location: Rocky Mountains, USA
Distribution: Arch, FreeBSD, Red Hat, Void, Gentoo
Posts: 50

Rep: Reputation: Disabled
grsecurity
 
  


All times are GMT -5.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration