Linux Kernel Security

30 minutes
  • 6 Learning Objectives

About this Hands-on Lab

Many important security configurations can be set using kernel parameters. In this hands-on lab, we will learn how to find and modify these parameters using various utilities. These skills are essential for passing advanced security certification exams such as the LPIC 303-200 exam.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create a Text File for the Kernel Parameters
  1. Run the following command:
    touch /home/cloud_user/investigate.txt
Install the Kernel Documentation
  1. Run the following command:
    sudo yum install kernel-doc
Find and Document the Value of the `randomize_va_space` Parameter
  1. View the value of the randomize_va_space parameter by running the following command:
    sysctl -ar randomize_va
  2. Add the value to the investigate.txt file.
    sysctl -ar randomize_va >> investigate.txt
Find and Document the Values of All ICMP Kernel Parameters
  1. Run the following command:
    sysctl -ar icmp >> investigate.txt
Temporarily Disable ICMP Using a Kernel Parameter
  1. Run the following command:
    sudo sysctl -w net.ipv4.icmp_echo_ignore_all=1
Find and Document the Current Kernel Security Limits
  1. View the contents of /etc/security/limits.conf.
    vim /etc/security/limits.conf
  2. Write the contents of /etc/security/limits.conf to investigate.txt.
    cat /etc/security/limits.conf >> investigate.txt
  3. Locate the current security limits for cloud_user.
    ulimit -a
  4. Write the output of the ulimit -a command to investigate.txt.
    ulimit -a >> investigate.txt
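
The values collected in the steps above can be checked against a hardening baseline instead of being read by eye. The script below is an added example, not part of the original lab: it parses `sysctl -a`-style output and reports each baseline key as OK, DIFF or MISSING. The baseline values, the names audit_sysctl, BASELINE and SAMPLE, and the sample input are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: audit `sysctl -a`-style output ("key = value") against a baseline.
# BASELINE values are assumptions for this example, not values taken from the lab.
# randomize_va_space=2 is full ASLR (stack, mmap, VDSO and heap/brk).
BASELINE='kernel.randomize_va_space=2
net.ipv4.icmp_echo_ignore_all=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1'

# audit_sysctl: reads sysctl output on stdin and prints one line per baseline key:
#   OK key=value | DIFF key=actual (want expected) | MISSING key
# Returns 0 only when every baseline key is present with the expected value.
audit_sysctl() {
    input=$(cat)
    rc=0
    for entry in $BASELINE; do
        key=${entry%%=*}
        want=${entry#*=}
        # Match the key exactly (not as a substring) and trim the value.
        have=$(printf '%s\n' "$input" | awk -F= -v k="$key" '
            { name = $1; gsub(/[ \t]/, "", name) }
            name == k { v = $2; gsub(/^[ \t]+|[ \t]+$/, "", v); print v; exit }')
        if [ -z "$have" ]; then
            echo "MISSING $key"; rc=1
        elif [ "$have" = "$want" ]; then
            echo "OK $key=$have"
        else
            echo "DIFF $key=$have (want $want)"; rc=1
        fi
    done
    return $rc
}

# Constructed sample input in the format printed by `sysctl -a`.
SAMPLE='kernel.randomize_va_space = 1
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ratelimit = 1000'

printf '%s\n' "$SAMPLE" | audit_sysctl || echo "baseline not met"
# On a live system: sysctl -a 2>/dev/null | audit_sysctl
```

A value changed with `sysctl -w` shows as OK only until the next reboot, so rerun the audit after a restart to confirm whether a setting has been made persistent.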

Additional Resources

After a critical breach, the director of IT at your company has tasked you with developing a hardened image for general use within your company's data center. You must create a list of possible configuration changes that should be further investigated for optimal security on general purpose servers. You have been instructed to provide a list of possible kernel parameters to ensure the address space layout randomization is in effect and to examine possible network security configurations for ICMP. You also must audit the currently configured system limits managed by pam_limits.so.

Summary tasks list:

  • Create a text file called /home/cloud_user/investigate.txt to document kernel parameters for later investigation.

  • Install the kernel documentation and search the sysctl documentation for entries pertaining to address space randomization.

  • Determine the current value of randomize_va_space using sysctl and add the entry to investigate.txt.

  • Locate all ICMP kernel parameters and add them to investigate.txt using sysctl.

  • Temporarily disable ICMP using a kernel parameter.

  • Find the current kernel security limits for cloud_user and /etc/security/limits.conf and add them to investigate.txt.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
