Oracle Linux Cookbook


Product type Book
Published in Jan 2024
Publisher Packt
ISBN-13 9781803249285
Pages 548 pages
Edition 1st Edition
Authors (3): Erik Benner, Erik B. Thomsen, Jonathan Spindel
Table of Contents (16 chapters)

Preface
Chapter 1: Oracle Linux 8 – Get It? Got It? Good!
Chapter 2: Installing with and without Automation Magic
Chapter 3: Exploring the Various Boot Options and Kernels in Oracle Linux
Chapter 4: Creating and Managing Single-Instance Filesystems
Chapter 5: Software Management with DNF
Chapter 6: Eliminating All the SPOFs! An Exercise in Redundancy
Chapter 7: Oracle Linux 8 – Patching Doesn’t Have to Mean Rebooting
Chapter 8: DevOps Automation Tools – Terraform, Ansible, Packer, and More
Chapter 9: Keeping the Data Safe – Securing a System
Chapter 10: Revisiting Modules and AppStreams
Chapter 11: Lions, Tigers, and Containers – Oh My! Podman and Friends
Chapter 12: Navigating Ansible Waters
Chapter 13: Let’s All Go to the Cloud
Index
Other Books You May Enjoy

Installing and enabling Known Exploit Detection

One of the most critical things you can do to secure your system (and, more importantly, the data in the system) is to implement the ability to detect when the bad guys are trying to break in. Ksplice has a unique feature called Known Exploit Detection (KED) that reports on known attacks against the kernel. Normally, only exploits that allow the attacker to gain additional privileges are instrumented for KED, and for the detection to trigger, the kernel should already have been spliced for the vulnerability.

Getting ready

To do this, you will need a test system running Oracle Linux 8, with Ksplice set up.

How to do it…

KED works via tripwire code, which is triggered when specific events are detected. Normally, only events that enable the attacker to gain privileged access are monitored. The KED package is available on both x86 and ARM systems.

To enable this, the package must first be installed by using the following command...
