Chapter 7. Configuring and Building a Secure, Optimized Kernel

Table of Contents

1. Pre-Install
1.1. Make an emergency boot floppy
2. Uninstallation and Optimization
3. Securing the kernel
4. Compilation
5. Kernel configuration -Part "A"
6. Kernel configuration -Part "B"
7. Kernel configuration -Part "C"
8. Kernel configuration -Part "D"
9. Kernel configuration -Part "E"
10. Installing the new kernel
11. Delete programs, Edit files pertaining to modules
12. Create a emergency Rescue and Boot floppy disk

Well, our Linux server seems to be getting in shape now! But wait, what is the most important part of our server? Yes, it's the kernel. The Linux kernel is the core of our operating system, and without it there is no Linux at all. So we must take care of our kernel and configure it to fit our needs and compile just features we really need. The first thing to do next is to build a kernel that best suits your system. It's very simple to do but, in any case, refer to the README file in the /usr/src/linux/ directory. When configuring your kernel only compile in code that you need and use. Few main reasons that come to mind are;

  • The Kernel will be faster less code to run,

  • You will have more memory, Kernel parts are NEVER swapped to the virtual memory,

  • More stable. Try probing for a non-existent card?,

  • Unnecessary parts can be used by an attacker to gain access to the machine or other machines on the network.

  • Modules are also slower than support compiled directly in the kernel.