2016-10-31 (last updated at July 3rd, 2018) Michael BoelenLinux 5 comments

Understanding memory information on Linux systems

Every operating system needs memory to store program code segments and data. This is also true for Linux systems. The problem: there is a lot of information available regarding memory usage and its behavior. Let’s discover how Linux manages its memory and how we can gather memory information. After reading this guide, you will be able to: Show the total amount of memory Display all memory details Understand the details listed in /proc/meminfo Use tools like dmesg, dmidecode, free, and vmstat […]

2016-10-24 (last updated at June 25th, 2018) Michael BoelenKernel 2 comments

Linux and ASLR: kernel/randomize_va_space

Configuring ASLR with randomize_va_space The Linux kernel has a defense mechanism named address space layout randomization (ASLR). This setting is tunable with the randomize_va_space setting. Before making changes to this setting, it is good to understand what this Linux security measure actually does and how it works. Understanding ASLR In 2001 the term ASLR was first introduced as a patch to the Linux kernel. Its main goal was to randomize memory segments to make abuse by malicious programs harder. A […]

2015-08-27 Michael BoelenSecure, System Integrity Leave a comment

Linux Security Principle: Containment of Failure

Containment of Failure Everyone who used Windows 95 or 98 in the past is familiar with the concept of failure. One crashing application was enough to bring the system to a halt. Fortunately, Linux systems have a strong foundation, including privilege separation and memory management. When things go wrong, the impact is reduced to a minimum. This is called containment. Linux Memory Management Memory is like your the storage capacity of your brain. Every bit should be stored properly, or otherwise […]