Friday, August 19, 2011

Linux kernel security

Where security is top priority , we first focus on security of Linux kernel. Although by default linux kernel are not very secure , there are important linux kernel patches to secure your linux box. These kernel patches are SELinux , AppArmor and Grsecurity. These patches control access between processes to objects, processes to processes and objects to objects.

SELinux by default included with Redhat's CentOS/RHEL/Fedora , Debian /Ubuntu , Suse , Slackware and many other distribution. Implementation of SeLinux require high skill sets.

AppArmor released and maintained by Novell under GPL license. Its an alternative of SeLinux and very effective in securing applications. AppArmor is default in OpenSuse and Suse Enterprise Linux. Implementation of AppArmor also require medium level skill sets.

Grsecurity is a set of patches for linux kernel with the focus of enhancing security. Its implement RBAC(Role Based Access Control). Its available for any linux distribution. Its easy to implement.