Difference between revisions of "Vuln kernel loadable modules"
m (→Next Steps) |
m (→Kernel Module loading is allowed) |
||
Line 8: | Line 8: | ||
2) Or, you have disabled this protection in the [[ASL]] kernel. | 2) Or, you have disabled this protection in the [[ASL]] kernel. | ||
+ | |||
+ | == Output from scanner == | ||
+ | |||
+ | If the ASL vulnerability scanner is producing this output: | ||
+ | |||
+ | Runtime module loading fixed | ||
+ | |||
+ | It means one of two things: | ||
+ | |||
+ | 1) You are using the [[ASL]] kernel, and you've configured ASL to disallow kernel module loading, but have not rebooted the server. | ||
+ | |||
+ | 2) You are not using the [[ASL]]. If you are not using the [[ASL]] kernel, you can not fix this vulnerability. The solution is to use the ASL kernel. | ||
= Next Steps = | = Next Steps = |
Latest revision as of 14:27, 29 August 2013
[edit] Kernel Module loading is allowed
This vulnerability means that Kernel Module loading is allowed. Linux kernels can be modified dynamically to allow what are called kernel modules to be loaded on demand. This can allow the system to load kernel capabilities when an application or user requires them. This also allows an attacker to install a kernel module rootkit, and ASL can prevent this from occurring. This vulnerability means that the kernel can be modified.
If you see this vulnerability it is caused by:
1) You are not running the ASL kernel
2) Or, you have disabled this protection in the ASL kernel.
[edit] Output from scanner
If the ASL vulnerability scanner is producing this output:
Runtime module loading fixed
It means one of two things:
1) You are using the ASL kernel, and you've configured ASL to disallow kernel module loading, but have not rebooted the server.
2) You are not using the ASL. If you are not using the ASL kernel, you can not fix this vulnerability. The solution is to use the ASL kernel.
[edit] Next Steps
First check to see if you are using the ASL kernel by going to this link.
If you are not running the ASL kernel:
Please reboot your system into the ASL kernel.
Note: If you have a VPS system, you will not have your own kernel. Please install ASL on the host server.
If you are running the ASL kernel:
Log into the ASL GUI, click on Configuration and select the ASL configuration menu option. This will open the ASL configuration screen. Scroll down to ALLOW_kmod_loading and set this to "no" then click update. You will need to reboot your server for this setting to be implemented on the server.