Difference between revisions of "Vuln kernel loadable modules"
(Created page with "= Kernel Module loading is allowed = This vulnerability means that Kernel Module loading is allowed. Linux kernels can be modified dynamically to allow what are called kernel...") |
m (→Next Steps) |
||
Line 21: | Line 21: | ||
'''If you are running the ASL kernel:''' | '''If you are running the ASL kernel:''' | ||
− | + | Log into the ASL GUI, click on Configuration and select the ASL configuration menu option. This will open the ASL configuration screen. Scroll down to ALLOW_kmod_loading and set this to "no" then click update. You will need to reboot your server for this setting to be implemented on the server. |
Revision as of 17:48, 10 February 2012
Kernel Module loading is allowed
This vulnerability means that Kernel Module loading is allowed. Linux kernels can be modified dynamically to allow what are called kernel modules to be loaded on demand. This can allow the system to load kernel capabilities when an application or user requires them. This also allows an attacker to install a kernel module rootkit, and ASL can prevent this from occurring. This vulnerability means that the kernel can be modified.
If you see this vulnerability it is caused by:
1) You are not running the ASL kernel
2) Or, you have disabled this protection in the ASL kernel.
Next Steps
First check to see if you are using the ASL kernel by going to this link.
If you are not running the ASL kernel:
Please reboot your system into the ASL kernel.
Note: If you have a VPS system, you will not have your own kernel. Please install ASL on the host server.
If you are running the ASL kernel:
Log into the ASL GUI, click on Configuration and select the ASL configuration menu option. This will open the ASL configuration screen. Scroll down to ALLOW_kmod_loading and set this to "no" then click update. You will need to reboot your server for this setting to be implemented on the server.