Contributed by jose on from the hardened dept.
TrojanProof offers enhanced security through a variety of mechanisms. Note that you can couple this to systrace for extra security.
TrojanProof is not an official OpenBSD project and modifies the system to a state where it is no longer supported by the official project. Also note that these are experimenal changes and should be tested on development boxes before deployment on production servers.
(Comments are closed)
By Anonymous Coward () on
Of course that would require an implementation of OpenPGP which could be linked in the kernel, and nothing like that exists yet, so it would not be so easy to do.
By RC () on
Check the sigs of everything you download. Mount your important folders (/bin:/sbin:/usr) read-only OR use chflags to set each of the programs as immutable.
By Anonymous Coward () on
i know an admin has to do his homework and noone is gonna hold my hand, but a starting point might be nice. (after all thats what the offical faqs are... a starting point to get you on the road to understanding the system better.)