View Poll Results: Are you using a Linux Kernel Patch ?

Voters
17. You may not vote on this poll
  • Yes

    7 41.18%
  • No

    10 58.82%
Results 1 to 5 of 5
  1. #1
    Join Date
    Feb 2006
    Location
    Greece
    Posts
    194

    Are you using a Patched Kernel ?

    For everyone out there who have dedicated servers
    with linux kernel, do you use a kernel patch like
    GrSecurity for extra security and piece of mind
    or not and why?

    I am using mostly VPS with huge resources for hosting sites
    because I didn't have the budget for Raid 5, Data Redundancy
    and managed servers. But now I just leased my first Dedicated running Centos (for better compatibility with CPanel) and I am concerned about the kernel's security issues.

    I am using Grsecurity on a labrat (home server) for testing
    purposes but I dont know if it is the right option for a Production Live server.

    Opinions?

    Regards,
    Chris

  2. #2
    Join Date
    Dec 2004
    Location
    New York, NY
    Posts
    10,574
    Will this be a shared hosting system?

  3. #3
    Join Date
    Feb 2006
    Location
    Greece
    Posts
    194
    This system will serve a big ammount of websites and
    maybe a few (4-5) low traffic shoutcast streaming services.

    Running already Cpanel (installed yesterday) and ConfigServer Firewall. Already modsecurity installed with some custom rules
    and the ruleset from gotroot but I still being concerned if
    there is the need for patching the kernel.


    Regards,
    Chris

  4. #4
    Join Date
    Jan 2004
    Posts
    1,183
    grsec is a good patch but nothing is perfect the last linux wide exploit (JS detailhed in cpanel website) was exploitable to a certain level with grsec kernls.

    I think using a patch in the kernel gives a sense of "un"security were you will miss updates and that may our may not cause the same downtime for each update/reboot.


    I prefere RHE our centos kernel they are pretty secure and update is fairly quick/easy.

  5. #5
    Join Date
    May 2006
    Location
    NJ, USA
    Posts
    6,457
    My techs lock down and patch up kernels on every server I have.
    simplywww: directadmin and cpanel hosting that will rock your socks
    Need some work done in a datacenter in the NYC area? NYC Remote Hands can do it.

    Follow my "deals" Twitter for hardware specials.. @dougysdeals

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •