Topic: Kernel
Overviews and articles about securing the Linux kernel, optimizing it to your needs, and learning how the core of the system works.
Linux namespaces
The Linux kernel uses namespaces to isolate resources and make them available to one or more processes. A bit like The Matrix movie.
Kernel.sched_schedstats
The Linux kernel uses the Linux scheduler to decide which tasks to run and for how long. This setting defines if additional statistics should be tracked.
Explanation of the values in /proc/PID/sched
The Linux kernel uses the scheduler to run tasks for processing by the CPU and stores statistics in the /proc/PID/sched file. Learn about these details.
Linux kernel scheduler
The Linux kernel uses the Linux scheduler infrastructure to deal with tasks and assign them the right priority for processing by the CPU.
Sysctl: ipe.success_audit
The sysctl key ipe.success_audit is used to define if audit events should be created when using the Linux security module IPE (Integrity Policy Enforcement).
Sysctl: ipe.enforce
The sysctl key ipe.enforce defines the mode of the Linux security module IPE (Integrity Policy Enforcement). Learn about the possible values and their meaning.
Ipe
The sysctl settings starting with ipe define the configuration of the IPE (Integrity Policy Enforcement) module. Learn about the settings and possible values.
What is the difference between /dev/random and /dev/urandom?
Learn the difference between Linux kernel random sources /dev/random and /dev/urandom, and when to use which one. Spoiler: probably /dev/urandom.
Sysctl net.*
The kernel has a wide range of network settings. Learn about the sysctl command and the values related to the network class.
Sysctl: net.ipv4.ip_forward
The sysctl key net.ipv4.ip_forward is used to define IP forwarding of IPv4 network packets. Learn about the possible values of this key and their meaning.
Sysctl: kernel.perf_event_paranoid
Secure the Linux kernel with the help of the sysctl kernel.perf_event_paranoid key, including the possible values and their meaning.
What is a tainted kernel
The Linux kernel is marked tainted when a specific event happened that could impact reliable troubleshooting of kernel issues. Learn about the relevant events.
How to find the specific cause of a tainted kernel
The Linux kernel can mark itself as being 'tainted'. Learn what it means when the Linux kernel is tainted and in particular the underlying cause.
Sysctl
Learn about the sysctl command and how it can help with kernel tunables to alter the system configuration and perform additional security hardening.
Sysctl kernel.*
The Linux kernel has a range of settings that influence the behavior of the kernel itself. Learn about sysctl settings and values related to the kernel class.
Kernel.tainted
Improve Linux security by understanding and configuring the sysctl kernel.tainted key, including the possible values and their meaning.
Livepatch: Linux kernel updates without rebooting
Livepatch is a feature to do live kernel patching for Linux systems. It allows applying security updates without rebooting the system. Learn how it works!
Linux and ASLR: kernel/randomize_va_space
ASLR protects the Linux kernel and programs against different attacks. It can be tuned with the randomize_va_space setting to provide different protections.
Linux hardening with sysctl settings
The Linux kernel can be secured with the help of kernel tunables called sysctl keys. Learn how system hardening principles can be applied using sysctl.
Monitor file access by Linux processes
Linux is powerful with the help of small utilities like lsof and strace. They help with monitoring disk and file activity of new and running processes.
Linux kernel security and how to improve it
Every system is as strong as its weakest link, especially the system kernel. This article explains Linux kernel security, what we can do and how to do so.