Hi all,
Just an introduction. First post here but _longtime_ Gentoo user.
(Early 2003 I think...) I ran Redhat before that starting in 1997.
I'm a basic desktop end-user type. Self-employed, using KDE,
vlc/makemkv/handbrake, and multiple Virtualbox Win 7 VMs for trading
in the financial markets. I've converted my wife & 3 generations of my
family (parents in the 80's and son in his 20's) to Gentoo. None of
use native Windows anymore. I administer all the systems.
I'm starting to look down the road to a new main machine for me in
6 months to 1 year. I'd like to start learning about the whole
hardened environment - what it can and cannot do, at least easily. If
I go this direction it's likely to try to be a fully encrypted disk
subsystem, including initrd. I'm not overly performance driven, but
that said I want to know where the cycles are going and don't want to
waste them if possible.
Anyway, thought I'd say hi and look for any pointers about what to
read for a user such as myself. I'm going through the Gentoo Hardened
pages and trying to understand what model to use - grsecurity or
selinux. I'm leaning toward grsecurity but I don't have a good reason
one way or the other as of yet.
I am interested in trying to do this in a VBox VM just as a
learning exercise and which I understand it won't be as secure as
doing it on bare metal I'd be very interested in hearing about others
experience in this area.
Thanks,
Mark
Just an introduction. First post here but _longtime_ Gentoo user.
(Early 2003 I think...) I ran Redhat before that starting in 1997.
I'm a basic desktop end-user type. Self-employed, using KDE,
vlc/makemkv/handbrake, and multiple Virtualbox Win 7 VMs for trading
in the financial markets. I've converted my wife & 3 generations of my
family (parents in the 80's and son in his 20's) to Gentoo. None of
use native Windows anymore. I administer all the systems.
I'm starting to look down the road to a new main machine for me in
6 months to 1 year. I'd like to start learning about the whole
hardened environment - what it can and cannot do, at least easily. If
I go this direction it's likely to try to be a fully encrypted disk
subsystem, including initrd. I'm not overly performance driven, but
that said I want to know where the cycles are going and don't want to
waste them if possible.
Anyway, thought I'd say hi and look for any pointers about what to
read for a user such as myself. I'm going through the Gentoo Hardened
pages and trying to understand what model to use - grsecurity or
selinux. I'm leaning toward grsecurity but I don't have a good reason
one way or the other as of yet.
I am interested in trying to do this in a VBox VM just as a
learning exercise and which I understand it won't be as secure as
doing it on bare metal I'd be very interested in hearing about others
experience in this area.
Thanks,
Mark