250 lines
4.3 KiB
HTML
250 lines
4.3 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Configuring and Building a Secure, Optimized Kernel</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
|
REL="HOME"
|
|
TITLE="Securing and Optimizing Linux"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Security, Optimization and Upgrade"
|
|
HREF="Secure-optimize.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Better manage your TCP/IP resources"
|
|
HREF="chap6sec75.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Pre-Install"
|
|
HREF="chap7sec76.html"></HEAD
|
|
><BODY
|
|
CLASS="chapter"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap6sec75.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
></TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap7sec76.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="chapter"
|
|
><H1
|
|
><A
|
|
NAME="pr3ch7lnke"
|
|
>Chapter 7. Configuring and Building a Secure, Optimized Kernel</A
|
|
></H1
|
|
><DIV
|
|
CLASS="TOC"
|
|
><DL
|
|
><DT
|
|
><B
|
|
>Table of Contents</B
|
|
></DT
|
|
><DT
|
|
>7.1. <A
|
|
HREF="chap7sec76.html"
|
|
>Pre-Install</A
|
|
></DT
|
|
><DT
|
|
>7.2. <A
|
|
HREF="chap7sec77.html"
|
|
>Uninstallation and Optimization</A
|
|
></DT
|
|
><DT
|
|
>7.3. <A
|
|
HREF="chap7sec78.html"
|
|
>Securing the kernel</A
|
|
></DT
|
|
><DT
|
|
>7.4. <A
|
|
HREF="chap7sec79.html"
|
|
>Compilation</A
|
|
></DT
|
|
><DT
|
|
>7.5. <A
|
|
HREF="chap7sec80.html"
|
|
>Kernel configuration -Part "A"</A
|
|
></DT
|
|
><DT
|
|
>7.6. <A
|
|
HREF="chap7sec81.html"
|
|
>Kernel configuration -Part "B"</A
|
|
></DT
|
|
><DT
|
|
>7.7. <A
|
|
HREF="chap7sec82.html"
|
|
>Kernel configuration -Part "C"</A
|
|
></DT
|
|
><DT
|
|
>7.8. <A
|
|
HREF="chap7sec83.html"
|
|
>Kernel configuration -Part "D"</A
|
|
></DT
|
|
><DT
|
|
>7.9. <A
|
|
HREF="chap7sec84.html"
|
|
>Kernel configuration -Part "E"</A
|
|
></DT
|
|
><DT
|
|
>7.10. <A
|
|
HREF="chap7sec85.html"
|
|
>Installing the new kernel</A
|
|
></DT
|
|
><DT
|
|
>7.11. <A
|
|
HREF="chap7sec86.html"
|
|
>Delete programs, Edit files pertaining to modules</A
|
|
></DT
|
|
><DT
|
|
>7.12. <A
|
|
HREF="chap7sec87.html"
|
|
>Create a emergency Rescue and Boot floppy disk</A
|
|
></DT
|
|
></DL
|
|
></DIV
|
|
><DIV
|
|
CLASS="highlights"
|
|
><A
|
|
NAME="AEN4946"
|
|
></A
|
|
><P
|
|
>
|
|
Well, our Linux server seems to be getting in shape now! But wait, what is the most important part of our server? Yes, it's the kernel. The Linux kernel is the core of our operating
|
|
system, and without it there is no Linux at all. So we must take care of our kernel and configure it to fit our needs and compile just features we really need. The first thing to do
|
|
next is to build a kernel that best suits your system. It's very simple to do but, in any case, refer to the README file in the /usr/src/linux/ directory. When configuring your kernel
|
|
only compile in code that you need and use. Few main reasons that come to mind are;
|
|
<P
|
|
></P
|
|
><UL
|
|
><LI
|
|
><P
|
|
> The Kernel will be faster less code to run,
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> You will have more memory, Kernel parts are NEVER swapped to the virtual memory,
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> More stable. Try probing for a non-existent card?,
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> Unnecessary parts can be used by an attacker to gain access to the
|
|
machine or other machines on the network.
|
|
</P
|
|
></LI
|
|
><LI
|
|
><P
|
|
> Modules are also slower than support compiled directly in the kernel.
|
|
</P
|
|
></LI
|
|
></UL
|
|
>
|
|
</P
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap6sec75.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap7sec76.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Better manage your <SPAN
|
|
CLASS="acronym"
|
|
>TCP/IP</SPAN
|
|
> resources</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="Secure-optimize.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Pre-Install</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |