Bug#277736: NAPI not enabled - should be
Package: kernel-image-2.6.8-1-386
Severity: normal
Tags: security
[ Filed with reportbug, but not specific to this system. ]
Hello,
CONFIG_E1000_NAPI, CONFIG_E100_NAPI, etc., all appear to be disabled in
the kernel configuration (for at least i386). This option allows boxes
that would otherwise choke in a denial of service attack (or just heavy
load) to survive (making this a security issue) with load on the order
of five times higher or more.
I have personally tested CONFIG_E1000_NAPI, CONFIG_E100_NAPI, and TG3
NAPI on many servers and core routers and have found it to be both
extremely important and completely stable.
Other distributions (eg: Red Hat ES) do appear to have this option
enabled in the default kernels.
For more information, see linux/Documentation/networking/NAPI_HOWTO.txt.
Simon-
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.9-rc3-web
Locale: LANG=C, LC_CTYPE=C
Reply to: