[ale] suggested kernel?

Dow Hurst dhurst at kennesaw.edu
Tue Feb 19 15:43:17 EST 2002


I remember reading about the loadable module hack and how it is a
beautiful way to hide yourself in a system.  Using a monolithic kernel
with loadable modules turned off should be standard procedure on a
firewall, correct?  Turning on kernel security mechanisms dealing with
ICMP and mangled packets should be SOP too.  I've been playing with
traffic shaping and it is very possible to instruct netfilter to limit
the number of packets of any protocol to be accepted by any interface.
dow
 
"Robert E. Karaffa, II" wrote:
> 
> You know, the value of this list is amazing.  I was poking around in my
> Mandrake box at home the other night.  It acts as my DSL gateway.  I saw
> some sort of "insmod" message in one of the logs that I didn't recognize.
> Also saw a message that said something like "some port(s) were opened for
> blah blah blah"...I can't remember what the message was.  It didn't ring any
> loud alarm bells at that instance...now they're banging in my head like
> there's no tomorrow!  Egads, somebody managed to get by my Bastille
> firewall?  And I can't run home to check right now!  Damn!
> 
> -Bob K., shaken, AND stirred!
> 
> on 2/19/02 2:38 PM, Geoffrey at esoteric at 3times25.net wrote:
> 
> >
> >
> > Stephen Turner wrote:
> >> why would someone want to make a kernel with all device drivers etc
> >> embedded in the kernel and why would they want to put as much as possible
> >> into modules?
> >
> > Arguments I've heard, not that I agree with them.
> >
> > Why drivers in kernel:  If you build a firewall kernel, don't permit
> > kernel modules, build all the drivers you need into the kernel, hackers
> > can't 'insmod' other drivers to get at your kernel.
> >
> > Modules loaded in and out take/reduce memory footprints when the
> > modules are not loaded.
> >
> >
> 
> --
> **************************
> Robert E. Karaffa, II
> Technical Director
> Emory University
> Flow Cytometry Core Facility
> 1365 B Clifton Rd., Room B5133
> Atlanta, Ga 30322
> voice: 404/712-4429
> e-mail: rkaraff at emory.edu
> **************************
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.

-- 
__________________________________________________________
Dow Hurst                   Office: 770-499-3428
Systems Support Specialist  Fax:    770-423-6744
1000 Chastain Rd.
Chemistry Department SC428  Email:dhurst at kennesaw.edu
Kennesaw State University         Dow.Hurst at mindspring.com
Kennesaw, GA 30144
*********************************
*Computational Chemistry is fun!*
*********************************
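
An added example, not part of the original post or the thread: a shell audit of the two points raised above, whether a kernel build config still allows loadable modules and whether ICMP and malformed-packet sysctls are set. The list of sysctl keys and the sample files are this example's own assumptions and are constructed.

```shell
#!/bin/sh
# Added example: audit a firewall kernel config and sysctl dump.

# Succeeds when the kernel build config in $1 has loadable-module support off.
# "CONFIG_MODULES=y" means insmod can add code to the running kernel.
modules_disabled() {
    ! grep -q '^CONFIG_MODULES=y' "$1"
}

# Lists modular drivers (=m) in config $1 that must become built-in (=y)
# before module support can be switched off.
modular_options() {
    sed -n 's/^\(CONFIG_[A-Za-z0-9_]*\)=m$/\1/p' "$1"
}

# Prints one line per sysctl in dump $1 (`sysctl -a` format) that differs
# from the hardened value. The key list is an assumption of this example.
sysctl_gaps() {
    for want in \
        net.ipv4.icmp_echo_ignore_broadcasts=1 \
        net.ipv4.icmp_ignore_bogus_error_responses=1 \
        net.ipv4.conf.all.rp_filter=1 \
        net.ipv4.conf.all.accept_redirects=0 \
        net.ipv4.conf.all.accept_source_route=0 \
        net.ipv4.conf.all.log_martians=1
    do
        key=${want%%=*} val=${want#*=}
        got=$(awk -F' = ' -v k="$key" '$1 == k { print $2 }' "$1")
        [ "$got" = "$val" ] || echo "$key want=$val got=${got:-unset}"
    done
}

# Constructed sample inputs: a modular kernel config and a partial sysctl dump.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/config" <<'EOF'
CONFIG_MODULES=y
CONFIG_NETFILTER=y
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_LIMIT=m
EOF
cat > "$SAMPLE_DIR/sysctl" <<'EOF'
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.accept_source_route = 0
EOF

modules_disabled "$SAMPLE_DIR/config" || echo "module loading is enabled"
modular_options "$SAMPLE_DIR/config"
sysctl_gaps "$SAMPLE_DIR/sysctl"
```

On a real host, point the functions at the kernel's build config and at the saved output of `sysctl -a`.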
