Re: single module compile
José,
Apreciar tus consejo, but I don't get your meaning completely...
(problema de semantico)
> Following insight into the automatic route table entries by kernel 2.2.20
> (thanks Bernd!)
> I have been advised to compile network interfaces on my firewall router as
> modules.
> This makes sense to me, as the cards can be ifup'ed and ifdown'ed on the
> fly, and
> additionally it is supposed to improve security vs. bad boys...(any
> comments regarding this?)
It's secure against the recent lkm exploits, as well as against the
undetectable rootkits which are implemented as loadable kernel modules.
But in order to do this, (the price to pay that is) you have to compile
every
used driver statically into the kernel, not just the network drivers, and
also,
disable loadable module support from the kernel.
This practice, at least over here, aids in improving sysadmin sleep at
night.
Do you mean that drivers should be compiled _into_ the kernel (statically) or
as modules (dynamic?) ? So, what practice are you suggesting and what are
the benefits (more or less) ?
> Well, now I face the challenge of adding an 8139too module for eth1.
> eth0 (eepro100.c) was modularised during kernel compile, as the driver is
> explicitly visible
> in menuconfig - but I could not see rtl8139 or 8139too anywhere in the
> menu.
You´d be better off with a 2.4.21 kernel, in a recent Debian weekely
news note
<http://www.debian.org/News/weekly/2003/24/> there's a link to an
explanation
on using kernel-package, or you could compile your own kernel in the good 'ol
way (as is suggested in the kernel howto).
Well, this has been suggested to me many times now, so fine then -
Me and Kernel 2.4.x will spend Sunday night...
Can anyone still drop a line about compiling modules after _after_ kernel
compile?
Regards,
Shango
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.489 / Virus Database: 288 - Release Date: 10/06/2003
Reply to: