Hardening Security for the Linux Kernel
IS3440
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you viewed and tuned all kernel parameters and discovered information regarding the current Loadable Kernel Modules (LKMs) and about the kernel itself. You explored the sysctl.conf file and made modifications to system settings. Finally, you enabled and interpreted the results of the lsmod command.
Lab Assessment Questions & Answers
1. What is the command to view the current Linux kernel parameters?
cat /etc/sysctl.conf
2. Which command can you run to list all the kernel’s available parameters one screen at a time with the ability to move forward and backward on the output?
/sbin/sysctl -a | less
3. What is the purpose of enabling SYN cookies in the Linux kernel?
To harden kernel security; it tunes the kernel parameters against SYN flood attacks.
4. If you wanted to limit the number of files that a user can open simultaneously on the CentOS Linux Server to a maximum of one, what is the command syntax you need to enable in the Linux kernel?
su -c '/sbin/sysctl -w fs.file-max=1'
5. What is the best way to make a systemwide permanent change to the kernel to enable SYN cookies?
Open the /etc/sysctl.conf file with the vi editor, make changes to the settings, and reboot the system.
Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
Student Lab Manual
6. Your boss wants you to make sure a freshly installed system is up to date and locked down at the kernel level. Which command would you use to load a new module? Which command would you use to remove an unwanted module?
su -c '/sbin/modprobe