By default |
||
Available |
||
Unimplemented |
||
feature |
wheezy |
jessie |
No Open Ports |
? |
? |
Password hashing |
? |
? |
SYN cookies |
? |
? |
Filesystem Capabilities |
? |
? |
Configurable Firewall |
? |
? |
Cloud PRNG seed |
? |
? |
PR_SET_SECCOMP |
? |
? |
? |
? |
|
SELinux |
? |
? |
SMACK |
? |
? |
Encrypted LVM |
||
eCryptfs |
ecryptfs-utils |
ecryptfs-utils |
Stack Protector |
? |
? |
Heap Protector |
? |
? |
Pointer Obfuscation |
? |
? |
Stack ASLR |
? |
? |
Libs/mmap ASLR |
? |
? |
Exec ASLR |
? |
? |
brk ASLR |
? |
? |
VDSO ASLR |
? |
? |
Built as PIE |
? |
? |
Built with Fortify Source |
? |
? |
Built with RELRO |
? |
? |
Built with BIND_NOW |
? |
? |
Non-Executable Memory |
? |
? |
/proc/$pid/maps protection |
? |
? |
Symlink restrictions |
? |
? |
Hardlink restrictions |
? |
? |
ptrace scope |
? |
? |
0-address protection |
? |
? |
/dev/mem protection |
? |
? |
/dev/kmem disabled |
? |
? |
Block module loading |
? |
? |
Read-only data sections |
? |
? |
Stack protector |
? |
? |
Module RO/NX |
? |
? |
Kernel Address Display Restriction |
? |
? |
Blacklist Rare Protocols |
? |
? |
Syscall Filtering |
? |
? |
Block kexec |
? |
? |