Linux kernel Security Post: 302461036

Sponsored Content

Special Forums Cybersecurity Linux kernel Security Post 302461036 by remi75 on Friday 8th of October 2010 09:23:19 AM

10-08-2010

Registered User

Quote:

Originally Posted by Vabiosis

Hey Folks,

What are the ways we can provide security to kernels.

How can I make my Kernel Unique and not allow anyone to replace my Unique kernel with a standard one.

How can i implement measures to avoid any user to replace or modify GRUB and Kernel...?

Need help on this
Thank you

yup recompile the kernel, and if you can/know how/or learn , disable ALL what is not necessary ... for example -- really just an example--- if you wont use iptables, disable ip filtering ... same with hardware drivers etc ... no RAID card, disable raid drivers ...

replace a kernel and/or grub cannot be done by a non root user .

If you mean phisically ... like when stiking the drive on another machine ...
you can have kenel/boot loader on a ReadOnly media :

usb card/stick , dvd/ cdrom / even a floppy ... (that you make readOnly Smilie

)

plus you can install tripwire so you get alerted whenever some tryes to Smilie

and for a mega paranoids : do not even enable module loading Smilie

because actually root-kits are modules or some rootkits are if i remember ,
so IF you can , because some drivers cant be inside the kernel , compile all the necessary drivers statically in the kernel .

as a bonus, you kernel will be faster Smilie

but dont forget , if u need some option / or driver, you will have to compile a whole new kernel that will include your new things .

so its long to prepare , but fast and secure to use (relatively)

another funny one, if u need your .config, print it and put it in a safe,
and disable it in the kernel too, otherwise it will be readable thru /proc/something i think ,
and if you are courageous, change the version number manually
so ; there will be no information about your kernel version, and how it was compiled.
From there ... there is therotically now way to break into your kernel .

Last edited by remi75; 10-08-2010 at 10:57 AM..

remi75

View Public Profile for remi75

Find all posts by remi75

LEARN ABOUT LINUX

grub-install

GRUB-INSTALL(8) 					  System Administration Utilities					   GRUB-INSTALL(8)

NAME

       grub-install - install GRUB to a device

SYNOPSIS

       grub-install [OPTION] install_device

DESCRIPTION

       Install GRUB on your drive.

       -h, --help
	      print this message and exit

       -v, --version
	      print the version information and exit

       --modules=MODULES
	      pre-load specified modules MODULES

       --boot-directory=DIR
	      install GRUB images under the directory DIR/grub instead of the /boot/grub directory

       --grub-setup=FILE
	      use FILE as grub-setup

       --grub-mkimage=FILE
	      use FILE as grub-mkimage

       --grub-mkrelpath=FILE
	      use FILE as grub-mkrelpath

       --grub-mkdevicemap=FILE use FILE as grub-mkdevicemap

       --grub-probe=FILE
	      use FILE as grub-probe

       --no-floppy
	      do not probe any floppy drive

       --allow-floppy
	      Make the drive also bootable as floppy (default for fdX devices). May break on some BIOSes.

       --recheck
	      probe a device map even if it already exists

       --force
	      install even if problems are detected

       --disk-module=MODULE
	      disk module to use

       INSTALL_DEVICE can be a GRUB device name or a system device filename.

       grub-install copies GRUB images into /boot/grub, and uses grub-setup to install grub into the boot sector.

REPORTING BUGS

       Report bugs to <bug-grub@gnu.org>.

SEE ALSO

       grub-mkconfig(8), grub-mkimage(1), grub-setup(8), grub-mkrescue(1)

       The full documentation for grub-install is maintained as a Texinfo manual.  If the info and grub-install programs are properly installed at
       your site, the command

	      info grub-install

       should give you access to the complete manual.

grub-install (GRUB) 1.99-12ubuntu5				   October 2011 						   GRUB-INSTALL(8)