Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Linux kernel Security
Special Forums Cybersecurity Linux kernel Security Post 302461036 by remi75 on Friday 8th of October 2010 09:23:19 AM
Old 10-08-2010
Quote:
Originally Posted by Vabiosis
Hey Folks,

What are the ways we can provide security to kernels.

How can I make my Kernel Unique and not allow anyone to replace my Unique kernel with a standard one.

How can i implement measures to avoid any user to replace or modify GRUB and Kernel...?

Need help on this
Thank you
yup recompile the kernel, and if you can/know how/or learn , disable ALL what is not necessary ... for example -- really just an example--- if you wont use iptables, disable ip filtering ... same with hardware drivers etc ... no RAID card, disable raid drivers ...

replace a kernel and/or grub cannot be done by a non root user .

If you mean phisically ... like when stiking the drive on another machine ...
you can have kenel/boot loader on a ReadOnly media :

usb card/stick , dvd/ cdrom / even a floppy ... (that you make readOnly Smilie )

plus you can install tripwire so you get alerted whenever some tryes to Smilie

and for a mega paranoids : do not even enable module loading Smilie because actually root-kits are modules or some rootkits are if i remember ,
so IF you can , because some drivers cant be inside the kernel , compile all the necessary drivers statically in the kernel .

as a bonus, you kernel will be faster Smilie

but dont forget , if u need some option / or driver, you will have to compile a whole new kernel that will include your new things .

so its long to prepare , but fast and secure to use (relatively)

another funny one, if u need your .config, print it and put it in a safe,
and disable it in the kernel too, otherwise it will be readable thru /proc/something i think ,
and if you are courageous, change the version number manually
so ; there will be no information about your kernel version, and how it was compiled.
From there ... there is therotically now way to break into your kernel .
Last edited by remi75; 10-08-2010 at 10:57 AM..
 

LEARN ABOUT OPENSOLARIS

addpart

ADDPART(8)                                                     System Administration                                                    ADDPART(8)

NAME

       addpart - tell the kernel about the existence of a partition

SYNOPSIS

       addpart device partition start length

DESCRIPTION

       addpart  tells the Linux kernel about the existence of the specified partition.  The command is a simple wrapper around the "add partition"
       ioctl.

       This command doesn't manipulate partitions on a block device.

PARAMETERS

       device The disk device.

       partition
              The partition number.

       start  The beginning of the partition (in 512-byte sectors).

       length The length of the partition (in 512-byte sectors).

SEE ALSO

       delpart(8), fdisk(8), parted(8), partprobe(8), partx(8)

AVAILABILITY

       The addpart command is part of the util-linux package and is available from https://www.kernel.org/pub/linux/utils/util-linux/.

util-linux                                                         January 2015                                                         ADDPART(8)
All times are GMT -4. The time now is 07:05 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy