Vuln kernel loadable modules

From Atomicorp Wiki
Revision as of 17:36, 10 February 2012 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Kernel Module loading is allowed

This vulnerability means that Kernel Module loading is allowed. Linux kernels can be modified dynamically to allow what are called kernel modules to be loaded on demand. This can allow the system to load kernel capabilities when an application or user requires them. This also allows an attacker to install a kernel module rootkit, and ASL can prevent this from occurring. This vulnerability means that the kernel can be modified.

If you see this vulnerability it is caused by:

1) You are not running the ASL kernel

2) Or, you have disabled this protection in the ASL kernel.

Next Steps

First check to see if you are using the ASL kernel by going to this link.

If you are not running the ASL kernel:

Please reboot your system into the ASL kernel.

Note: If you have a VPS system, you will not have your own kernel. Please install ASL on the host server.

If you are running the ASL kernel:

log into the ASL GUI, click on Configuration and select the ASL configuration menu option.  This will open the ASL configuration screen.  Scroll down to ALLOW_kmod_loading and set this to "no" then click update.  You will need to reboot your server for this setting to be implemented on the server.
Personal tools