Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Grsecurity.net website down?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Mon Feb 16, 2015 1:45 am    Post subject: Grsecurity.net website down? Reply with quote

In the past two days I noticed that from www.grsecurity.net or forums.grsecurity.net no page can be accessed.
I checked it up on sites like http://isup.me and it wasn't just me, but the site was not up.
I was wondering whether anybody knows, or has some means to find out and tell us, what happened.
I very much like grsecurity/pax and am a little worried.
Cheers!
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Mon Feb 16, 2015 12:21 pm    Post subject: Reply with quote

In effect,the isup.me says:
http://isup.me wrote:

doesn't look like a site on the interwho

which sounds really bad.
Sounds worse than than just this being only downtime.
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6276

PostPosted: Mon Feb 16, 2015 12:40 pm    Post subject: Reply with quote

I am wondering, too: Are we going to see some >=hardened-sources-3.19 in a not so distant future?
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Tue Feb 17, 2015 5:50 am    Post subject: Reply with quote

mv wrote:
I am wondering, too: Are we going to see some
>=hardened-sources-3.19 in a not so distant future?

Just if some less advanced FOSS Linux users read here.

EDIT START Wed 18 Feb 19:43:38 CET 2015
That means, if there grsecurity is not developed, the hardened sources with
grsecurity (not with SELinux) will only be available up to the current, 3.18
kernel. That is all of mv's suggestion.

An this below is my further thought on mv's suggestion.
EDIT END

What Martin Väth (if I remember correctly, can't check much around because
I've been sick yestarday and still today) or mv, suggests (IT IS NOT: see
correction above, this is my further thought) is that there is no real
hardening of the main component of FOSS Linux, the kernel, without
grsecurity/PaX. Well unless you trust the spies the NSA and their SELinu
program, which I don't and many many FOSS Linux users in the world don't.

And if the grsecurity main developer, a real genius and probably the greatest
of one ofthe greatest security expert today, Bradley spender Spengler, and the
main PaX developer, the anonymous PaX Team, probably Hungarian, but only
judging by the email he uses (can't check for sickness, but it should be
paxec@freemail.hu), don't go on with developing grsecurity/PaX for the FOSS
Linux community, then...
Then there will be no more real protection against the most sofisticated, big
subjects with the money, one only mentioned above, intrusion on your system,
dear FOSS Linuxers.

So, the current kernel 3.18 having grsecurity still somewhat fresh to use, and
if spender and PaX Team were to not continue developing, 3.19 wouldn't have
the patches to apply.
Have to go, am too weak to stay, but, for the beginners and intermediate

Grsecurity/Pax installation on Debian GNU/Linux
http://forums.debian.net/viewtopic.php?f=16&t=108616

(tried, but can't get the links right, new to using Lynx for all my browsing,
but am also sick of
Schmoog the Surveillane Engine sitting in Firefox, and can't get the addresses
pasted right in Lynx
sorry)
EDIT Wed 18 Feb 19:53:06 CET 2015 got them with dillo


Last edited by miroR on Wed Feb 18, 2015 7:00 pm; edited 5 times in total
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Tue Feb 17, 2015 8:02 am    Post subject: Reply with quote

I can't have peace, and can't investigate.
All the little working time of mine today is these posts here. The rest of the time is lying in bed.
But there is something urgent to say (it's very logical, if you think deeply you can understand
that is, if you feel for FOSS Linux...
...
And I sent a private message to mv, but I don't know if it went ot Outbox at all, because the system
reported some error.
What is logical to do, by friends, when you domain is down, and you may not be able to do any about t
it?
What should frinds do, if they care for you?
Pls. somebody do it!
When they're back, that they may not need to start from elsewhere...
Pls.!
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6276

PostPosted: Tue Feb 17, 2015 4:03 pm    Post subject: Reply with quote

I didn't suggest anything. I am just wondering whether hardened-sources will be continuing. Probably somebody from the PAX team knows more and can say something about the situation.
Back to top
View user's profile Send private message
Apheus
Guru
Guru


Joined: 12 Jul 2008
Posts: 418

PostPosted: Tue Feb 17, 2015 4:09 pm    Post subject: Reply with quote

grsecurity.net looks fine from here (Germany). And from http://isitup.org/

Quote:
grsecurity.net is up.

It took 71 ms for a 200 response code with an ip of 50.251.85.49.
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6276

PostPosted: Tue Feb 17, 2015 4:17 pm    Post subject: Reply with quote

I can confirm that grsecurity.com is back again. Perhaps it was a temporary issue, only?
Back to top
View user's profile Send private message
depontius
Advocate
Advocate


Joined: 05 May 2004
Posts: 3376

PostPosted: Tue Feb 17, 2015 4:17 pm    Post subject: Reply with quote

Might it be a symptom of ipv4 address exhaustion?

As we eke out the last ipv4 addresses there is a secondary problem - sometimes the routing tables get a bit messy. In order to patch smaller address blocks into place, some routes occasionally become unreachable from some places. In other words, there may be times when one of your upstream routers had to choose between getting to PointA or PointB. Not to play favorites, but someone else requested PointA first, and until that routing entry expires you just can't get to PointB.

I suspect this explanation won't sound satisfactory, but when I heard it, it was much better made. The problem is my defective memory in trying to explain it here. I know I've seen similar apparent routing failures since hearing about it.
_________________
.sigs waste space and bandwidth
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6276

PostPosted: Tue Feb 17, 2015 4:23 pm    Post subject: Reply with quote

depontius wrote:
Might it be a symptom of ipv4 address exhaustion?

Since several people (from probably different countries; I also tried from several machines from rather different nets) had the same issue for some days, this is not very likely, especially since now everything seems to work again for everybody. It is more likely that grsecurity.com was down for some days for some reason (maintenance, political/financial issues, or whatever).
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5592

PostPosted: Tue Feb 17, 2015 4:56 pm    Post subject: Reply with quote

Considering how hard its project leaders have been trolling LWN like little kids lately, I wouldn't rule out it being a tactical decision to win some petty argument...

(I definitely don't trust code written by such people)
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Wed Feb 18, 2015 6:39 pm    Post subject: Reply with quote

mv wrote:
I didn't suggest anything. I am just wondering whether hardened-sources will be continuing. Probably somebody from the PAX team knows more and can say something about the situation.

I apologize for not having separated the explanation of
Quote:

>=hardened-sources-3.19

(which I understood was your suggestion), from my further thoughts not connected to your suggestion.
I'll try and correct that now that I browse and write with dillo (I think I'll trash the Schmoog Firefox)...
Anyway, I'm at peace now that www.grsecurity.net (not .com as stated above somewhere) is up! ;-)
Those are my heroes in FOSS, spender and PaX Team! Regardless of what some people think, without them, FOSS Linux would be miserable as far as true security goes, as I explained further above in my previous post which I'll try and correct now!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum