aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:2
Reviews:
·Verizon Online DSL

Advanced Linux Malware Compromises Servers !

As seen in the security forum »Advanced Linux Malware Compromises Servers
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.


POSIX_CAPS

@pnap.net

This is precisely why I always pull CAP_SYS_MODULE after boot. I HIGHLY recommend those use:

Older Kernels
lcap CAP_SYS_MODULE

May want to remove CAP_NET_ADMIN as well after system boot.

Newer Kernels
/sbin/sysctl -w kernel.modules_disabled=1

I also highly recommend, from a security aspect, to panic on kernel oops.

/sbin/sysctl -w kernel.panic_on_oops=1

Pulling the POSIX CAP_SYS_MODULE capability is one-way and cannot be undone until reboot. Additionally, many newer Linux distributions have a nasty habit of allowing userland to dynamically insert/modprobe kernel modules (udev perhaps?) that may be vulnerable. Pulling CAP_SYS_MODULE goes a long way to securing your system.
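
An audit of the settings recommended in the post above, as an added example that is not part of the original post. The function names, the optional root-directory argument, and the choice to read PID 1's bounding set are assumptions of this example; the capability bit numbers come from linux/capability.h.

```shell
#!/bin/sh
# Added example: verify that the post-boot lockdown is actually in effect.
CAP_NET_ADMIN=12    # bit numbers from linux/capability.h
CAP_SYS_MODULE=16

# cap_in_mask HEXMASK BIT -> exit status 0 if the capability bit is set
cap_in_mask() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# read_sysctl ROOT NAME -> prints the value, or "missing" on kernels without the knob
read_sysctl() {
    if [ -r "$1/sys/kernel/$2" ]; then cat "$1/sys/kernel/$2"; else echo missing; fi
}

# audit_lockdown [ROOT] -> one finding per line; return status = number of findings
# ROOT defaults to /proc (hypothetical parameter so a test tree can be checked).
audit_lockdown() {
    root=${1:-/proc}
    findings=0
    capbnd=$(sed -n 's/^CapBnd:[[:space:]]*//p' "$root/1/status" 2>/dev/null)
    [ -n "$capbnd" ] || { echo "ERROR cannot read CapBnd for PID 1"; return 99; }
    modules_disabled=$(read_sysctl "$root" modules_disabled)

    # Module loading is locked if either mechanism is in effect:
    # modules_disabled=1 (newer kernels) or CAP_SYS_MODULE dropped (older kernels).
    if [ "$modules_disabled" != 1 ] && cap_in_mask "$capbnd" "$CAP_SYS_MODULE"; then
        echo "FAIL module loading possible (modules_disabled=$modules_disabled, CAP_SYS_MODULE present)"
        findings=$((findings + 1))
    fi
    if cap_in_mask "$capbnd" "$CAP_NET_ADMIN"; then
        echo "WARN CAP_NET_ADMIN still in bounding set"
        findings=$((findings + 1))
    fi
    if [ "$(read_sysctl "$root" panic_on_oops)" != 1 ]; then
        echo "FAIL kernel.panic_on_oops is not 1"
        findings=$((findings + 1))
    fi
    return "$findings"
}
```

Call `audit_lockdown` with no arguments to check the running system, for example from a late boot script or a monitoring job.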


over 13.5 years online © 1999-2013 dslreports.com.