In brief,
AngeL is a Linux
kernel module designed to work with
kernel version 2.6.0 or later. The module uses the new
Linux Security Module framework to implement
security policies without performing any system call interposition. This
approach leads to a less intrusive code that means more robust and more
easy to read. AngeL uses the rock solid
netfilter firewalling facility in
order to control all packets leaving your host.
AngeL makes your host unable to send hostile traffic across the network.
It also blocks a large number of
root compromise attacks and
local denial of services, by using hooks provided by LSM
framework and perfom sanity checks on the input parameters before
allowing or not the requested service.