Collaborate Disseminate
I have a Linksys WRT1200AC with DD-WRT v3.0-r48865 std. It’s connected to the Internet through the ISP’s modem in bridge mode.
My syslog reports continuously, many times per second stuff like this:
kern.warn kernel: [18453.515784] DROP IN=… Continue reading A Continuous Flood of Kernel Warnings. Am I under attack?
I’m applying for a Linux developer job. One of the questions is: "What linux distro uses version 4.X (specifically, version 4.4x)?"
It seems easy to sign kernel modules at compile time. Apparently, you just set CONFIG_MODULE_SIG_ALL=y in your .config file and then the compiler will perhaps give you the appropriate errors until you have installed acceptable certificates… Continue reading How To First Strip and Then Sign Kernel Modules at Complie Time
Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack. Continue reading “Dirty Pipe” Linux kernel bug lets anyone write to any file
I saw the recent CVE-2022-0492 that can enable container escape, and I have a decent understanding of cgroups and container capabilities, but not very familiar with how hybrid cgroup v1/v2 works, nor how cgroups and capabilities work toget… Continue reading Container escape – CVE-2022-0492 – hybrid cgroups?
Does the Linux Kernel include a firewall in its monolith? Is it netfilter, iptables, nftables, or firewalld? How all these components interact between them?
Continue reading What’s difference between netfilter, iptables, nftables, and firewalld? [closed]
With reference to:
https://www.theregister.com/2022/02/23/chinese_nsa_linux/
https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
How can one detect, prevent and defend against such attacks occurrin… Continue reading Detect, stop and defend against Backdoor Bvp47, an attack tool that leverages Berkeley Packet Filter (BPF) for Linux Socket Filtering
When the PlayStation 3 first launched, one of its most lauded features was its ability to officially run full Linux distributions. This was of course famously and permanently borked by …read more Continue reading Turning the PS4 into a Useful Linux Machine
What are the security implications of mapping a host folder to a Docker container ro? For example -v /usr/local/bin:/usr/local/bin:ro.
Of course, the container can now read the host folder. But, assuming the mapping is of data that’s publ… Continue reading Security of a ro volume in Docker
I learned about gVisor from https://security.stackexchange.com/a/259275/133925 . It runs containers under a custom kernel, written in Go, with very intense security.
My question is: The whole point of Docker is to use the host kernel. Ho… Continue reading How does gVisor run its own kernel replacement under Docker for security?