
Re: Frequent kernel panics



On 16/09/2013 13:15, Dr. Jennifer Nussbaum wrote:

> Of course the computer hasn't crashed for the last four days now. I 
> did run some of the tests suggested, and everything checks out OK.
> 
> There's no new hardware in the system, no new accessories. ... I don't
>  think that I installed any new software that's relevant.

I'm hesitant to suggest more paranoid possibilities in the absence of
more concrete evidence, but it seems worth one of us mentioning the
non-hardware, non-software possible cause (especially given the sporadic
timing and circumstances of the crashes): there may be a Bad Guy
somewhere trying out an exploit technique to crack your system and gain
privileged access.

The kernel is pretty tough, but bugs are discovered fairly often which
may allow some form of unauthorised code execution or privilege
elevation.  The exploits for these bugs often contain "parameters"
(e.g. addresses of kernel functions or data structures) which the Bad
Guy must tweak for the particular kernel he's trying to break into, and
until the parameters are suitably tuned a common side effect of each
exploit attempt is a kernel crash.

The Bad Guy may either be remote (trying to break in across the network,
assuming your workstation has Net access), or may have already broken in
to your system via an unprivileged account, and be trying to elevate
privilege to root.

In the former case you would need to harden the kernel somehow: remove
unnecessary drivers or subsystems, firewall the system, etc.  In the
latter case, you would need to back up your data, wipe and reinstall the
system, and reinstall the data - and /then/ harden the system :)

> I know diagnosing sporadic problems is the hardest thing. But this
> is so frustrating. Maybe I should just build a new machine

Yes, maybe a new machine - flaky hardware is probably more likely (as
others point out) - but if a wipe & reinstall would be easy for you then
it may help to eliminate Bad Guy paranoia.

IMO we can't dogmatically advise that installing the latest kernel will
keep the Bad Guy out, cos often the relevant bugs only exist in newer
kernels.  By the same token, the bugs sometimes exist in old device
drivers that aren't receiving any developer-love any more cos they've
been superseded by a new driver-family.  But what may help is simply
*changing* the kernel version, either up or down.

[This is all probably a silly side-track, for which I apologise.  Bad
Guy attacks aren't that common.  It's just that you seem to have covered
all the other bases.]

Good luck.

Nick
-- 
Firefox 3.6? Dude we're on 8.0 now. You're like 3 weeks behind !
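
The reply above notes that repeated exploit attempts tend to show up as kernel crashes, while flaky hardware is the more likely cause. One way to sort a crash history between those leads, as an added example that is not part of the original message: group oops reports by process name and faulting function. The log lines are constructed, and the symbol names, the `triage` function and the repeat threshold of 3 are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the style of Linux oops reports; the host,
# PIDs, addresses and symbol names are invented for this example.
SAMPLE_LOG = """\
Sep 10 02:14:07 ws kernel: CPU: 1 PID: 4211 Comm: a.out Not tainted 3.10.0-example #1
Sep 10 02:14:07 ws kernel: RIP: 0010:[<ffffffff81234567>] example_ioctl+0x27/0x90 [exampledrv]
Sep 11 02:31:55 ws kernel: CPU: 0 PID: 1873 Comm: a.out Not tainted 3.10.0-example #1
Sep 11 02:31:55 ws kernel: RIP: 0010:[<ffffffff81234567>] example_ioctl+0x27/0x90 [exampledrv]
Sep 12 03:02:41 ws kernel: CPU: 1 PID: 2990 Comm: a.out Not tainted 3.10.0-example #1
Sep 12 03:02:41 ws kernel: RIP: 0010:[<ffffffff81234570>] example_ioctl+0x30/0x90 [exampledrv]
Sep 13 11:20:03 ws kernel: CPU: 0 PID: 812 Comm: Xorg Not tainted 3.10.0-example #1
Sep 13 11:20:03 ws kernel: RIP: 0010:[<ffffffff8109abcd>] example_sched+0x1d/0x60
"""

# Matches both "Pid: 1, comm: x" and "PID: 1 Comm: x" header styles.
PID_COMM = re.compile(r"pid:\s*(\d+),?\s*comm:\s*(\S+)", re.I)
# Faulting symbol on the "RIP:" line, e.g. example_ioctl+0x27/0x90.
RIP_SYM = re.compile(r"RIP: .*?\s([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
HW_ERR = re.compile(r"\[Hardware Error\]|Machine check", re.I)

def triage(log, repeat_threshold=3):
    """Group oopses by (process name, faulting function) and pick a lead."""
    sites, hw_errors, comm = Counter(), 0, None
    for line in log.splitlines():
        if HW_ERR.search(line):
            hw_errors += 1
        m = PID_COMM.search(line)
        if m:
            comm = m.group(2)      # remember who was running when it died
            continue
        m = RIP_SYM.search(line)
        if m and comm is not None:
            sites[(comm, m.group(1))] += 1
            comm = None
    top = sites.most_common(1)
    if hw_errors:
        lead = "hardware"          # logged machine checks point at the box
    elif top and top[0][1] >= repeat_threshold:
        lead = "repeated-site"     # same process keeps dying in one function
    else:
        lead = "scattered"         # no pattern; consistent with flaky hardware
    return {"sites": dict(sites), "hw_errors": hw_errors, "lead": lead}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A "repeated-site" result is only a lead: a buggy driver exercised by an ordinary program produces the same pattern, so the next step is to identify the process and the account that ran it.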

