On Wed, Sep 30, 2020 at 08:57:56AM PDT, Jason Long spake thusly:
Could SELinux protect a server from Reverse Shell attacks? When
hackers access to the CMSes like WordPress then they do a Reverse Shell for access to the
server. Could SELinux block it?
As the others have said, absolutely. And I've actually seen SELinux
protect servers from this sort of thing.
However, you also want to make sure you have egress filtering setup on
your firewall. If your server is not supposed to be making outbound
connections to strange IP addresses, why let it?
--
Tracy Reed