
CEH_ Official Certified Ethical Hacker Review Guide_ Exam 312-50 - Kimberly Graves [82]

/etc/lilo.conf to add a section like this:

7. At the next reboot, select the new kernel in lilo and it will load the new kernel. If it works, move it to the first position in the lilo.conf so it will boot every time by default.

Understand GCC Compilation Commands

GNU Compiler Collection (GCC) is a command-line compiler that takes source code and makes it an executable. You can download it from http://gcc.gnu.org (many Linux distributions also include a version of GCC). GCC can be used to compile and execute C, C++, and Fortran applications so they are able to run on a Linux system.

The following command compiles C++ code with the GCC for use as an application:

The command to compile C code with the GCC for use as an application is as follows:

Understand How to Install Linux Kernel Modules

Linux Kernel Modules (LKMs) let you add functionality to the operating system without having to recompile the OS.

Linux live CDs are a good choice if you're new to Linux. Using the live CD, you can test and use the operating system without installing Linux on the system. To use a live CD, visit www.distrowatch.com to choose a distribution. Then, download the ISO file, and write it to a CD. That CD can be put in any system and booted to a fully functioning version of Linux.

A danger of using LKMs is that a rootkit can easily be created as an LKM and, if loaded, it infects the kernel. For this reason, you should download LKMs only from a verified good source.

Examples of LKM rootkits are Knark, Adore, and Rtkit. Because they infect the kernel, these rootkits are more difficult to detect than those that do not manifest themselves as LKMs. Once a system has been compromised, the hacker can put the LKM in the /tmp or the /var/tmp directory, which can't be monitored by the system administrator, thereby hiding processes, files, and network connections. System calls can also be replaced with those of the hacker's choosing on a system infected by an LKM rootkit.

The command to load an LKM is modprobe LKM.

Understand Linux Hardening Methods

Hardening is the process of improving security on a system by making modifications to the system. Linux can be made more secure by employing some of these hardening methods.

The first step in securing any server, Linux or Windows, is to ensure that it's in a secure location such as a network operations center, which prevents a hacker from gaining physical access to the system.

The next and most obvious security measure is to use strong passwords and not give out usernames or passwords. Administrators should make sure the system doesn't have null passwords by verifying that all user accounts have passwords in the /etc/shadow file.

The default security stance of deny all is a good one for hardening a system from a network attack. After applying deny all, the administrator can open certain access for specific users. By using the deny all command first, the administrator ensures that users aren't being given access to files that they shouldn't have access to. The command to deny all users access from the network is

Another good way to harden a Linux server is to remove unused services and ensure that the system is patched with the latest bug fixes. Administrators should also check system logs frequently for anything unusual that could indicate an attack.

The following are other recommended steps to improve the security of a Linux server:

■ Use a widely recognized and known good Linux distribution.

■ Don't install unnecessary applications or services.

■ Change the default passwords.

■ Disable remote root login.

■ Set up and enable IP tables.

■ Install a host-based intrusion detection system (HIDS).

■ Utilize log files.
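The following shell script is an added example, not code from the book: it checks two of the hardening items above, null passwords in /etc/shadow and remote root login. The function names, the default /etc/ssh/sshd_config path, and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audits two hardening items from this section.
# File paths are parameters (assumed defaults shown) so copies can be checked.

# Accounts whose shadow password field (2nd field) is empty: no password needed.
null_password_accounts() {
    awk -F: 'NF > 1 && $2 == "" { print $1 }' "${1:-/etc/shadow}"
}

# First PermitRootLogin value in an sshd_config-style file, or "unset".
# Simplification: Match blocks, Include files and "key=value" are not handled.
root_login_setting() {
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
         END { if (!found) print "unset" }' "${1:-/etc/ssh/sshd_config}"
}

# Run both checks; return 1 if any finding is reported.
audit() {
    rc=0
    for user in $(null_password_accounts "$1"); do
        echo "FAIL: account '$user' has an empty password field"; rc=1
    done
    setting=$(root_login_setting "$2")
    case $setting in
        no) echo "OK: remote root login is disabled" ;;
        *)  echo "FAIL: PermitRootLogin is '$setting', expected 'no'"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample files (not real system data) written into directory $1.
write_samples() {
    cat > "$1/shadow" <<'EOF'
root:$6$constructed$notarealhash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
guest::19000:0:99999:7:::
EOF
    cat > "$1/sshd_config" <<'EOF'
#PermitRootLogin no
Port 22
PermitRootLogin yes
EOF
}

# Demo on the constructed samples; on a real host run as root: audit /etc/shadow /etc/ssh/sshd_config
d=$(mktemp -d) && write_samples "$d" && { audit "$d/shadow" "$d/sshd_config" || true; }
rm -rf "$d"
```

A locked account shows `*` or `!` in the password field and is not flagged; only a truly empty field is reported.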

Exam Essentials

Understand the use of Linux in the marketplace. Linux has become more popular with the introduction of commercial versions and more available applications. Linux can be used as a hacking platform, as a server, or as a workstation.

Know how to use a Linux live CD. Locate and download an ISO file. Write it to a CD, and boot a system
