Advanced Techniques:
Planning for system penetration
UID separation
File consistency checks
Tripwire
L5
Package manager
Don't support modules
Verify that daemons run at least privilege
Least privileged user
Capabilities
chroot daemons
kernel patches
Solar Designer's 2.0.x patch
Equivalent 2.1.131 patch
Restricting rootly powers
Securelevel
Capabilities
Goto Next Slide