Re: Kernel options for server use

From: Tim Haynes (usenet-20040314_at_stirfried.vegetable.org.uk)
Date: 03/15/04

• Next message: ynotssor: "Re: Antivirus"
• Previous message: erik: "Re: Kernel options for server use"
• In reply to: jealous xmp: "Re: Kernel options for server use"
• Next in thread: Ben Measures: "Re: Kernel options for server use"
• Reply: Ben Measures: "Re: Kernel options for server use"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sun, 14 Mar 2004 23:00:09 +0000

jealousxmp@aol.commonplace (jealous xmp) writes:

>>While building a new kernel, which is only to be for a web server, I
>>wondered if it would be a good idea to disable support for loadable
>>kernel modules? I couldn't think of any good reasons why a server
>>would need this.
>
> So you have to recompile before loading a kernel-mode rootkit. Argh.

Erm.. No? There was an article a year or more ago where modules were
effectively loaded into a running kernel without using the regular insmod
calls. So, while this used to be a relatively effective way of putting a
hurdle in a cracker's way, I wouldn't be surprised if it ceases to be
particularly useful sooner rather than later.

~Tim

-- 
  22:58:54 up 103 days,  2:14,  0 users,  load average: 0.64, 0.55, 0.30
piglet@stirfried.vegetable.org.uk |Morning dawning /
http://spodzone.org.uk/cesspit/   |With life abounding

---

• Next message: ynotssor: "Re: Antivirus"
• Previous message: erik: "Re: Kernel options for server use"
• In reply to: jealous xmp: "Re: Kernel options for server use"
• Next in thread: Ben Measures: "Re: Kernel options for server use"
• Reply: Ben Measures: "Re: Kernel options for server use"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Various problems with new AMD 64 HP Pavilion Desktop machine. (REPOST) ... Kernel modules: intel-agp ... Kernel driver in use: pcieport-driver ... Initializing cgroup subsys cpuset ... (Linux-Kernel) Re: Regression from 2.6.26: Hibernation (possibly suspend) broken on Toshiba R500 (bisected) ... Freeing unused kernel memory: 356k freed ... Toshiba America Info Systems Device 0001 ... Kernel modules: intel-agp ... Kernel driver in use: HDA Intel ... (Linux-Kernel) PROBLEM: slow system with a reniced process on a Core 2 DUO T7500 ... Keywords (i.e., modules, networking, kernel): ... Kernel modules: intel-agp ... Latency: 0, ... Kernel driver in use: pcieport-driver ... (Linux-Kernel) Re: PROBLEM: Starting with 2.6.28.5 Core2 Duo CPU T8300 /proc/cpuinfo reports different cpu MHz valu ... 00200000-00456bbd: Kernel code ... Latency: 0 ... Kernel modules: intel-agp ... (Linux-Kernel) PROBLEM: Starting with 2.6.28.5 Core2 Duo CPU T8300 /proc/cpuinfo reports different cpu MHz values f ... 2000-2fff: PCI Bus 0000:02 ... 00200000-00456bbd: Kernel code ... Latency: 0 ... Kernel modules: intel-agp ... (Linux-Kernel)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2004-03