Seguraça extrema com LIDS
Este artigo nos introduz ao LIDS (Linux Intrusion Detection System), um sistema robusto que aplicado como patch no kernel nos oferece recursos extremos de configurações de segurança do sistema operacional.
[ Hits: 52.181 ]
Por: Anderson L Tamborim em 21/02/2004 | Blog: http://y2h4ck.wordpress.com
[*] Prompt for development and/or incomplete code/drivers [*] Sysctl Support General setup ---> [*] Networking support [*] PCI support (Any) PCI access mode [*] PCI quirks [ ] PCI bridge optimization (experimental) [*] Backward-compatible /proc/pci [ ] MCA support [ ] SGI Visual Workstation support [*] System V IPC [ ] BSD Process Accounting [*] Sysctl support <*> Kernel support for a.out binaries <*> Kernel support for ELF binaries <*> Kernel support for MISC binaries <M> Kernel support for JAVA binaries (obsolete) < > Parallel port support [ ] Advanced Power Management BIOS support Networking options ---> *(Personalize de acordo com suas necessidades) <*> Packet socket [*] Kernel/User netlink socket [*] Routing messages <*> Netlink device emulation [*] Network firewalls [ ] Socket Filtering <*> Unix domain sockets [*] TCP/IP networking [ ] IP: multicasting [*] IP: advanced router [ ] IP: policy routing [*] IP: equal cost multipath [ ] IP: use TOS value as routing key [*] IP: verbose route monitoring [*] IP: large routing tables [ ] IP: kernel level autoconfiguration [*] IP: firewalling [*] IP: firewall packet netlink device [ ] IP: transparent proxy support [*] IP: masquerading --- Protocol-specific masquerading support will be built as modules. [*] IP: ICMP masquerading --- Protocol-specific masquerading support will be built as modules. [*] IP: masquerading special modules support <M> IP: ipautofw masq support (EXPERIMENTAL) <M> IP: ipportfw masq support (EXPERIMENTAL) <M> IP: ip fwmark masq-forwarding support (EXPERIMENTAL) [*] IP: optimize as router not host < > IP: tunneling < > IP: GRE tunnels over IP [*] IP: aliasing support [ ] IP: ARP daemon support (EXPERIMENTAL) [*] IP: TCP syncookie support (not enabled per default) --- (it is safe to leave these untouched) < > IP: Reverse ARP [*] IP: Allow large windows (not recommended if <16Mb of memory) < > The IPv6 protocol (EXPERIMENTAL) opções do lids no kernel --> Linux Intrusion Detection System ---> [*] Linux Intrusion Detection System support (EXPERIMENTAL) --- LIDS features (1024) Maximum protected objects to manage (1024) Maximum ACL subjects to manage (1024) Maximum ACL objects to manage (1024) Maximum protected proceeds [ ] Hang up console when raising a securit alert [ ] Security alert when execing unprotected programs before sealing LIDS [*] Try not to flood logs (60)Authorised time between two identic logs (seconds) [*] Allow switching LIDS protections (3)Number of attempts to submit password (3) Time to wait after a fail (seconds) [ ] Allow remote users to switch LIDS protections [ ] Allow any program to switch LIDS protections [*] Allow reloading config. File [*] Port Scanner Detector in kernel [*] Send security alerts through network [ ] Hide klids kernel thread (3) Number of connection tries before giving up (30)Sleep time after a failed connection (16)Message queue size
PaX: Solução eficiente para segurança em Linux
Análise Forense - Aspectos de perícia criminal
Segurança no SSH via plugins da PAM
Segurança extrema com LIDS: novos recursos
Nmap do início ao fim (parte 1)
Detectando vulnerabilidades com o Nessus
Tornando seu Apache mais seguro com o ModSecurity
Monitorando as conversas do MSN
Atenção a quem posta conteúdo de dicas, scripts e tal (2)
Criando um gateway de internet com o Debian
Configuração básica do Conky para mostrar informações sobre a sua máquina no Desktop
Aprenda a criar músicas com Inteligência Artificial usando Suno AI
Entendendo o que é URI, URL, URN e conhecendo as diferenças entre POST e GET
Ativando o Modo Noturno via Linha de Comando no GNOME/Wayland
Preparando pendrive com GNU/Linux [Corretamente!]
Instalando Google Chrome no Fedora 40
Habilitando a importação de senhas no Firefox
Como corrigir o erro do VirtualBox travar a máquina virtual em tela cheia
Dificuldade de instalar Apache Office no Zorin17 (0)
alterar o tamanho da tela do monitor via xrandr (1)
Acesso remoto via SSH por Script numa virtualbox (1)
Notebuxo positivo vaio VJFE43F11X Something has gone seriously wrong... (9)
Como adicionar módulo de saúde da bateria dos notebooks Acer ao kernel... (35)