My IT Blog

You need to compile kernel only if: => You need custom made kernel for specific task such as embedded kernel. => Apply third party security patches. => You need to apply specific patch to Linux Upgrade of the kernel in Red Hat enterprise Linux version <= 4.x If your system is registered with Red Hat Network (RHN), then you can use the up2datecommand as follows: # up2date -f kernel For SMP kernel (multi core or multiple CPU) use command: # up2date -f kernel-smp Upgrade of the kernel in Fedora Linux / CentOS / RHEL 5 Use yum command to upgrade kernel: # yum update kernel If you have downloaded RPM file use rpm command: # rpm -ivh kernel* Upgrade of the kernel in Debian or Ubuntu Linux Use apt-get command. First find your kernel version: $ uname -r Next find available kernel images: $ apt-cache search linux-image Now install kernel by explicitly specifying version number: # apt-get install linux-image-x.x.x-xx OR $ sudo apt-get install linux-image-x.x.x-xx

Q . I am a new proud Linux user. My question to you is - how do I find which kernel version installed on my Linux system? How do I upgrade my kernel to latest version? Any help would be greatly appreciated. A . The Linux kernel is the central component of most computer operating systems (OSs). Its responsibilities include managing the system's resources and the communication between hardware and software components. You need to use uname command to print certain system information including kernel name. Type the following command to print  kernel version  number: $ uname -r Output: 2.6.20-15-generic

#17: Logging and Auditing You need to configure logging and auditing to collect all hacking and cracking attempts. By default syslog stores data in /var/log/ directory. This is also useful to find out software misconfiguration which may open your system to various attacks. See the following logging related articles: Linux log file locations . How to send logs to a remote loghost . How do I rotate log files? . man pages syslogd, syslog.conf and logrotate. #17.1: Monitor Suspicious Log Messages With Logwatch / Logcheck Read your logs using  logwatch  or  logcheck . These tools make your log reading life easier. You get detailed reporting on  unusual items  in syslog via email. A sample syslog report: ################### Logwatch 7.3 (03/24/06) #################### Processing Initiated: Fri Oct 30 04:02:03 2009 Date Range Processed: yesterday ( 2009-Oct-29 ) Period is day. Detail Level of Output: 0

#11: Configure Iptables and TCPWrappers Iptables  is a user space application program that allows you to configure the firewall (Netfilter) provided by the Linux kernel. Use  firewall  to filter  out traffic and allow only  necessary traffic. Also use the  TCPWrappers a host-based  networking ACL system to filter network access to Internet. You can prevent many denial of service attacks with the help of Iptables: Lighttpd Traffic Shaping: Throttle Connections Per Single IP (Rate Limit) . How to: Linux Iptables block common attack . psad: Linux Detect And Block Port Scan Attacks In Real Time . #12: Linux Kernel /etc/sysctl.conf Hardening /etc/sysctl.conf file is used to  configure kernel parameters  at runtime. Linux reads and applies settings from /etc/sysctl.conf at boot time. Sample  /etc/sysctl.conf : # Turn on execshield kernel.exec-shield=1 kernel.randomize_va_space=1 # Enable IP spoofing protection net.ipv4.conf.all.rp_filter=1 # Disable IP source routing net.ipv4.conf.all.ac

#6: User Accounts and Strong Password Policy Use the useradd / usermod commands to create and maintain user accounts. Make sure you have a good and strong password policy. For example, a good password includes at least 8 characters long and mixture of alphabets, number, special character, upper & lower alphabets etc. Most important pick a password you can remember. Use tools such as " John the ripper " to find out weak users passwords on your server. Configure  pam_cracklib.so to  enforce the password policy. #6.1: Password Aging The  chage command  changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password. The  /etc/login.defs file  defines the site-specific configuration for the shadow password suite including password aging configuration. To disable password aging, enter: chage -M 99999 userName To get password expiration information, ente