[SATLUG] compiling a kernel

phn1x phnx.lists at gmail.com
Tue Jun 24 08:03:32 CDT 2008


I'd like to add one more factor.

When it comes to remote exploitation many exploits utilize memory addresses
that are known in the generic kernels. By compiling your own kernel you:

1) Add to the possibility that public exploit code will not work on your
system because the memory addresses will change
2) Can reduce the crap in the kernel that may be vulnerable without anyone
even knowing it (yes there are still a few non public exploits).

On Sun, Jun 22, 2008 at 7:46 PM, Bruce Dubbs <bruce.dubbs at gmail.com> wrote:

> John D Choate wrote:
> > After 5.5 years of using Linux (Mandrake/Mandriva), I have never compiled
> a
> > kernel. I know it would be a good learning experience for me, but I've
> never
> > found any other reason for doing it.
>
>
> 1. Do *not* change the topic on an existing thread.  Start a new
> message/thread.
>
> 2. Do trim non-relevant text when replying to a message.
>
> To answer your question, there are several reasons for compiling your own
> kernel:
>
> a.  For learning as you mention.  Knowing how to do it gives you confidence
> in the process.
>
> b.  For efficiency.  A standard distribution takes a lot longer to boot and
> is larger because everything is there.  Testing for dozens or hundreds of
> non-existent devices takes time.  Just compiling what you need leads to very
> efficient systems.  The size is small and the boot time is much faster.  My
> system takes about 20 seconds from power on to login prompt.  My kernel is
> 1.8M (no initrd) with the modules directory at 7.5M (4 modules - nvidia
> (7.2M) and vmware).  As a comparison, satlug runs RHEL and is 1.4M with
> initrd 481K and a modules directory of 29M (804 modules).
>
> c.  For testing new stuff that hasn't made it into the kernel yet.
>
>  -- Bruce
> --
> _______________________________________________
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to unsubscribe
> Powered by Rackspace (www.rackspace.com)
>



-- 
Phn1x - Emh
http://hamsterswheel.com


More information about the SATLUG mailing list