GRSecurity: Harden those Boxes


For over the past decade, grsecurity has provided webhosting companies and other users of Linux the highest level of security available for any mainstream OS.

Unlike other expensive security “solutions” that pretend to achieve security through known-vulnerability patching, signature-based detection, or other reactive methods, grsecurity provides real proactive security. The only solution that hardens both your applications and operating system, grsecurity is essential for public-facing servers and shared-hosting environments.

Only grsecurity provides protection against zero-day and other advanced threats that buys administrators valuable time while vulnerability fixes make their way out to distributions and production testing.

Add increased authentication for administrators, audit important system events, and confine your system with no manual configuration through advanced Role-Based Access Control.

Use Trusted Path Execution to prevent users from executing their own binaries or binaries in unsafe locations.

Invisibly reinforce the most common filesystem isolation, turning it into a true jail.

Through partnership with the PaX project, creators of ASLR and many other exploit prevention techniques — some now imitated by Microsoft and Apple, grsecurity makes many attacks technically and economically infeasible by introducing unpredictability and complexity to attempted attacks, while actively responding in ways that deny the attacker another chance.

Available for free under the GNU GPL version 2 with commercial support and the opportunity to sponsor our work, grsecurity brings you the security of the next decade, today.

Show Comments