I would hesitate to run this on any production systems especially since it is still in an "experimental" stage. I think it would be perfect to run on honeypots although. Who knows? Maybe one could discover new kernel bugs that would then be fixed by main line kernel developers.
That depends. Are there unpolished aspects that might damage the system, or are the "experimental" aspects merely ways in which it may fail to detect security problems?
Good point! Indeed, just changing the "kernel panic" option to log only might attenuate the possible effects of being experimental.
What's the consensus on this module and Openwall in general? I doesn't seem to be well known here on Slashdot given the number of comments on the topic.
I forgot to mention, I reviewed their products and the IDS thing is the one that caught my attention the most. They seem to know what they are doing, link below: http://phrack.org/issues/53/13... [phrack.org]
Honeypots? (Score:2)
I would hesitate to run this on any production systems especially since it is still in an "experimental" stage. I think it would be perfect to run on honeypots although. Who knows? Maybe one could discover new kernel bugs that would then be fixed by main line kernel developers.
Re: (Score:2)
Re: (Score:2)
Good point! Indeed, just changing the "kernel panic" option to log only might attenuate the possible effects of being experimental.
What's the consensus on this module and Openwall in general? I doesn't seem to be well known here on Slashdot given the number of comments on the topic.
Re: (Score:2)
I forgot to mention, I reviewed their products and the IDS thing is the one that caught my attention the most. They seem to know what they are doing, link below:
http://phrack.org/issues/53/13... [phrack.org]
But what does it do? (Score:3)
It would be nice if the Slashdot summary actually told us what the heck this thing is supposed to do.
Re:But what does it do? (Score:5, Informative)
this is what's missing from the summary [openwall.com]