How to handle Linux kernel Security

Source: Internet
Author: User

Handling Linux kernel security details

For computer users, the powerful functions of Windows have served a large number of users. However, the Windows security issue has caused a lot of headaches. Therefore, many people started to apply Linux, but the Linux kernel security has not been neglected, today we will talk about how to clean up Linux kernel security issues.
Windows has more security problems than the flea in the barn, but Linux may not be immune to its own security vulnerabilities. Two major bugs have been detected recently, but they will be fixed soon. To ensure that you are not troubled, You need to patch your kernel as soon as possible.
The first bug in the repair list is a remote DDos (Distributed Denial of Service) vulnerability, which may cause potential attackers to crash your server by sending an illegal large IPv4 TCP/IP package. Those network administrators may think, "Wait, have you heard of this stuff ?" Yes, you have heard of it.
An old ping to death DDoS attack is back. what happened in the end? According to the Linux kernel discussion list, someone made a code error somewhere between Linux kernel 2.6.28.10 and 2.6.29, as a result, this old attack method is making a comeback.
Fortunately, the bug is still open-source after all. This bug was quickly discovered and fixed before the malicious guys with ulterior motives had the opportunity to "ping to death" to attack your system. If you are not using Linux kernel 2.6.28.1x, you are safe. Not sure what version you are using? The simplest way is to run the following command at the command prompt:
Uname-
Another bug is much more troublesome in nature, because it will lead to the completion of your system. However, you can do this only when you are a local user, I think it is not more important than an attack that can be initiated over the Internet.
This bug is related to the Ext4 file system. In kernel 2.6.28, Ext4 has become an official maintenance part. This bug comes from three small Ext4 problems, which may cause a common local user to overwrite the file that originally has only the read permission. Therefore, a malicious user can overwrite the original normal Unix/Linux User Password File,/etc/passwd, regardless of whether this is what they need. This is not fun.
This problem has also been fixed. You must pay attention to this issue during Linux update operations. That is, are you sure your habitual updates are all done?
For Ubuntu; Red Hat; Fedora and openSUSE, there are other details to fix these problems. However, unless you want to gain a deeper understanding of the Code details, you do not need to pay too much attention to these miscellaneous things. You only need to ensure that your system can be updated normally, and everything will be fine.
After processing the Linux kernel, you can easily apply the computer.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.