Hey guys,
Here is my tut:
What is grsecurity?
Grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL.
It offers, among many other features:
* An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration
* Change root (chroot) hardening
* /tmp race prevention
* Extensive auditing
* Prevention of entire classes of exploits related to address space bugs (from the PaX project)
* Additional randomness in the TCP/IP stack
* A restriction that allows a user to only view his/her processes
* Every security alert or audit contains the IP address of the person that caused the event
Here we go
1. Log in to your server via SSH and run yum update.
2. Let's move to this directory:
Code:
cd /usr/src
3. Now we are going to download and install gcc:
Code:
yum install gcc
This should install kernel-headers, gcc++ etc.
4. Download the kernel:
Code:
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.27.10.tar.gz
5. Let's open this bad boy up:
Code:
tar zxvf linux-2.6.27.10.tar.gz
6. Also we need to create a symlink:
Code:
ln -s linux-2.6.27.10 linux
7. Now grab the patch:
Code:
wget http://grsecurity.net/grsecurity-2.1.12-2.6.27.10-200812271347.patch.gz
Also install the patch utility: "yum install patch"
8. Open the patch:
Code:
gzip -d grsecurity-2.1.12-2.6.27.10-200812271347.patch.gz
9. The good bit, now let's patch the kernel:
Code:
patch -p0 < grsecurity-2.1.12-2.6.27.10-200812271347.patch
10. Move to /boot:
Code:
cd /boot
11. Look at the directory by entering this:
Code:
ls
You should see config-xxxx
12. Move the config like this:
Code:
cp config-xxx.xxx-x /usr/src/linux/.config
13. Move back to the linux folder:
Code:
cd /usr/src/linux
and open the configuration menu:
Code:
make menuconfig
And choose the security level to your liking.
Then compile and install the kernel by entering this:
Code:
make bzImage && make modules && make modules_install && make install
Now do this:
Code:
nano /boot/grub/menu.lst
It should look like this:
Code:
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.27.10-grsec)
        root (hd0,0)
        kernel /vmlinuz-2.6.27.10 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.27.10.img
title CentOS (2.6.18-92.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.el5.img
You're going to have default=1; you need to change it to default=0. Then reboot, and now you have a hardened kernel.
You can check with this command:
Code:
uname -r
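An added example, not part of the original post: a shell check that resolves which entry legacy GRUB will boot from the default=N line, so you can confirm the new kernel is selected before rebooting. The function names are made up for this illustration, and the sample menu.lst is constructed from the listing above.

```shell
#!/bin/sh
# Added example, not from the original post. Resolves which entry legacy GRUB
# will boot from menu.lst: default=N is a 0-based index into the title lines.
# grub_default_entry FILE -> prints "<title><TAB><kernel image>" of the default entry
grub_default_entry() {
    awk '
        BEGIN { def = 0; n = -1 }                 # GRUB boots entry 0 if default= is absent
        /^[ \t]*#/ { next }                       # skip comments such as "#boot=/dev/sda"
        /^[ \t]*default[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, "")
            if ($0 !~ /^[0-9]+$/) bad = 1         # e.g. "default=saved": not resolvable here
            def = $0 + 0; next
        }
        /^[ \t]*title[ \t]/ { n++; sub(/^[ \t]*title[ \t]+/, ""); title[n] = $0; next }
        /^[ \t]*kernel[ \t]/ && n >= 0 { kern[n] = $2 }
        END {
            if (bad || def > n) exit 1            # index points past the last entry
            printf "%s\t%s\n", title[def], kern[def]
        }
    ' "$1"
}

# default_boots_version FILE VERSION -> 0 if the default entry loads vmlinuz-VERSION
default_boots_version() {
    entry=$(grub_default_entry "$1") || return 2
    kernel=$(printf '%s\n' "$entry" | cut -f2)
    [ "${kernel##*/vmlinuz-}" = "$2" ]
}

# write_sample FILE N: constructed menu.lst modelled on the listing above, with default=N
write_sample() {
    cat > "$1" <<EOF
#boot=/dev/sda
default=$2
title CentOS (2.6.27.10-grsec)
        root (hd0,0)
        kernel /vmlinuz-2.6.27.10 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.27.10.img
title CentOS (2.6.18-92.el5)
        root (hd0,0)
        kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/VolGroup00/LogVol00
        initrd /initrd-2.6.18-92.el5.img
EOF
}

conf=$(mktemp) && write_sample "$conf" 1
grub_default_entry "$conf"                        # default=1 still selects the stock kernel
default_boots_version "$conf" 2.6.27.10 || echo "default entry is not the 2.6.27.10 kernel"
rm -f "$conf"
```

On the server, run default_boots_version /boot/grub/menu.lst 2.6.27.10 before rebooting; a non-zero status means the default entry is still the old kernel.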