2015-06-16 Michael BoelenAccounting, Auditing, Kernel Integrity, System Integrity Leave a comment

Linux System Integrity Explained: Ensure Data, Logging and Kernel Integrity

Linux System Integrity Explained From Data and Logging, up to Kernel Integrity Systems exist for one primary goal, which is processing data. Information security helps protecting this valuable data, by ensuring its availability, integrity, and confidentiality. In other words, data should be available when we need it. Then it should be properly transmitted and stored, without errors. Our last goal ensures that it is only available to those with a need to know. Many open source software components are available […]

2015-05-16 (last updated at June 13th, 2020) Michael BoelenKernel Integrity 3 comments

Kernel hardening: Disable and blacklist Linux modules

Disable and black Linux kernel modules The Linux kernel is modular, which makes it more flexible than monolithic kernels. New functionality can be easily added to a run kernel, by loading the related module. While that is great, it can also be misused. You can think of loading malicious modules (e.g. rootkits), or unauthorized access to the server and copy data via a USB port. In our previous article about kernel modules, we looked at how to prevent loading any […]

2015-05-12 (last updated at October 7th, 2015) Michael BoelenHardening, Kernel Integrity, Linux One comment

Increase kernel integrity with disabled Linux kernel modules loading

Increasing Linux kernel integrity Disable loading kernel module on Linux systems The Linux kernel can be configured to disallow loading new kernel modules. This feature is especially useful for high secure systems, or if you care about securing your system to the fullest. In this article, we will have a look at the configuration of this option. At the same time allowing legitimate kernel modules to be loaded. Disable kernel modules Newer kernel modules have a sysctl variable named kernel.modules_disabled. Sysctl […]