home   |   about us   |   our network   |   services   |   contact
 
Services
» Web Hosting
» Reseller Hosting
» Dedicated Servers
» Managed Web Hosting
» Server Security / Auditing
» Remote Backup / Storage
» Virtual Dedicated Servers
 
Support
» Support Desk
» Client Login
» Forums
» FAQs
» Help Files
» Acceptable Use Policy
» Client Testimonials
 
Tutorials
» Dedicated Server Tutorial
» Website Optimization
» Search Engine Optimization
» Web Hosting Tutorials
» Web Programming Tutorials
» Networking Tutorials
» Virtual Server Tutorials
» Resources


Tutorial/HOW-TO: Kernel 2.6 Compilation with Grsecurity (grsec) - 2.6.5, 2.6.7, 2.6.8, 2.8.1, 2.6.9, 2.6.10, 2.6.11.6

The following tutorial provide a basic tutorial on installing grsecurity on a linux 2.6 kernel, it is up to date as of kernel 2.6.10.

Download the kernel source (obtain the latest kernel from kernel.org):

cd /usr/src/
wget http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.10.tar.bz2
bzip2 -d linux-2.6.10.tar.bz2
tar xf linux-2.6.10.tar

Download the grsec patch (download the latest patch from grsecurity.org/download.php):

cd /usr/src/
wget http://grsecurity.org/grsecurity-2.1.0-2.6.10-200501081640.patch

Patch the kernel with the grsecurity patch:

patch -p0 < grsecurity-2.1.0-2.6.10-200501081640.patch

 

Before doing your configuration you may want to check which hardware you are using:

lspci

For a specific hardware component:

lspci -s 00:00.0 -vv
lspci -s 00:1f.0 -vv


Start cofiguring/compile the kernel:

cd /usr/src/linux-2.6.10
make clean
make mrproper

If you are using an old .config file, then copy it to /usr/scr/linux-2.6.10 and do the following:

make oldconfig

If this is a new configuration or you are unsure what to do, then do the following:

make menuconfig

Once you have configured all your kernel options, be sure to continue on to the grsec menu and chose the security level you wish to use, as well as any specific security options. If are running a server you may want to disable the following options from the kernel:

  • Telephony Support
  • Fusion MPT device support
  • IEEE 1394 (FireWire) support (EXPERIMENTAL)
  • Amateur Radio support
  • IrDA (infrared) support
  • ISDN subsystem --- only if you are not using ISDN
  • Multimedia devices
  • Sound
  • USB support
  • Old CD-ROM drivers (not SCSI, not IDE) --- only if uneeded
  • Bluetooth support
  • Library routines

Exit and save the configuration, and proceed to build the kernel and modules:

make

Now you need to install the modules in /lib/modules/KERNELVERSION by doing the following:

make modules_install

Lastly you need to install the kernel:

make install


After you have installed the kernel you need to ensure you bootloader is configured correctly for the new kernel, and then reboot the machine.

There are plenty more options when installing the kernel, but with the make install command it does these all for you in one go.

 

Similar Articles : How to install ffmpeg on CentOS or Redhat Enteprirse Linux the easy way (Using RPMs/Yum) , Installing Pico on FreeBSD, Turck MMCache for PHP, Apache 2 Install and Upgrade Guide, lingerd - Setup and Installation, Howto mod_rewrite with Apache, Getting started with SSH Tutorial, How to install PRM (Process Resource Monitor), How to install ionCube loader, Apache Log Files Explained, Server Loads Explained, Guide to .htaccess tutorial and tips, Optimize and Tweak High-Traffic Servers, Common SSH Commands - Linux Shell Commands, Upgrade Guide From Red Hat 7.3 to 9.0, Changing Web Hosts? Step-By-Step Guide, Customizing PHP Safe Mode, Apache 2 PHP 4 and 5 (mod_php) on Linux - Apache2 PHP4 PHP5 Installation, Fantastico Error: enc_restrictions.inc.php is protected by SourceGuardian and requires file ixed.lin.4.X.X.pxp, 4.3.7.pxp, 4.3.8.pxp, 4.3.9.pxp error, How to Copy Files Across a Network/Internet in UNIX/LINUX (Redhat, Debian, FreeBSD, etc) - scp tar rsync, Fixing rndc error in WHM/cPanel: rnd: connection failed: connection refused, wget - how to use tuturial, cPanel Awstats Fix - Stoped Logging on single domain, How to Install Zend Optimizer/Encoder on cPanel/WHM, Upgrading CentOS 3.3 to 3.4 using yum, Redhat 7.3, 8.0, and 9.0 upgrade to CentOS 3 using yum (Red hat), Tutorial/HOW-TO: Kernel 2.6 Compilation with Grsecurity (grsec) - 2.6.5, 2.6.7, 2.6.8, 2.8.1, 2.6.9, 2.6.10, 2.6.11.6 , Repairing a mySQL Database/Table - How to restore/repair/recover, Flood Protection/DoS/DDoS Apache 1.3 and 2.0 - mod_dosevasive (Avoiding Denial of Service Attacks)

   
 

Quick Links: Debian Dedicated Servers, Direct Deposit Hosting, Unmetered Dedicated Servers, Virtual Dedicated Servers, Windows Server Management, High Traffic Web Hosting - Load Balanced Clusters