Learn basics of Linux hacking for hacking aspirants Part 12

This part describes loadable Linux kernel modules (LKMs). LKMs are very useful in Linux administration: they let us extend the kernel without recompiling it or restarting the system. For example, we can add video and other device drivers without rebooting.
LKMs are also critical from a hacker's point of view: anyone who can load a new module into the kernel not only gets admin access but can also control the disk space, processes and ports of the system.
If a user or admin is persuaded to install new, "improved" software that takes control of the kernel, the person who supplied it can easily take over that system.
Knowing this will make you a better system admin or a better hacker.

Kernel Module

The kernel is the heart of an operating system like Linux. It controls everything in the system, including hardware interactions and the resources other software uses. More precisely, it acts as a mediator between user applications and the hardware.
The kernel has to be updated from time to time, for example when a new device driver arrives and changes the tasks the kernel performs. This is where LKMs come in: they let us load or unload kernel functionality without recompiling.


Check Kernel

There are two ways to find which kernel version is running on our system.
The first method is:

uname -a

The second method uses the cat command:

cat /proc/version

Kernel Tuning with Sysctl

There are situations where the admin needs to tune the kernel, for example to change memory settings, set network configuration or harden the kernel against hackers.
On modern systems, the sysctl command is used to tune the kernel. Changes made with sysctl stay in effect only until the next reboot. To make them persist across reboots, edit the /etc/sysctl.conf file.
Be sure you know enough about a setting before changing it, or you may make your system unbootable.
To view all current kernel parameters:

sysctl -a |less

To display the configuration file:

less /etc/sysctl.conf

Kernel Modules

  • The basic command for managing kernel modules is insmod.
  • To insert a module use insmod, and to remove a module use rmmod.
  • To list all the modules loaded in the kernel:

lsmod

Modprobe

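This command lists the modules available on the system. Current kmod releases of modprobe no longer accept the -l option.

modprobe -l

To remove a module, pass its name to this command:

modprobe -r <module_name>

To use these commands well we need to understand modules, their dependencies and their options. Module configuration files are kept in this directory: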

ls -l /etc/modprobe.d/

LKMs are one of the most powerful features of Linux and also one of its weakest points for security. A hacker or an admin must know how to work with them.
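A defender's check that ties the lsmod and sysctl sections together, as an added example that is not part of the original article. It goes slightly beyond the text by reading the taint flags the kernel appends in /proc/modules (the source lsmod reads) and the kernel.modules_disabled sysctl. The sample module lines and the name demo_mod are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): audit loaded kernel modules.

# Constructed sample in /proc/modules format:
# name size refcount deps state address [taint flags]
sample_modules() {
cat <<'EOF'
ext4 745472 1 - Live 0xffffffffc0a10000
mbcache 16384 1 ext4, Live 0xffffffffc09f0000
vboxdrv 512000 2 - Live 0xffffffffc0800000 (OE)
demo_mod 16384 0 - Live 0xffffffffc07f0000 (E)
EOF
}

# Print "name flags" for every module carrying the O (out-of-tree) or
# E (unsigned) taint flag. Argument: a file in /proc/modules format,
# or "-" for stdin. Defaults to the live /proc/modules.
flag_tainted_modules() {
    awk '{
        flags = $NF                      # taint flags, when present, are last: "(OE)"
        if (flags ~ /^\(.*\)$/ && flags ~ /[OE]/) {
            gsub(/[()]/, "", flags)
            print $1, flags
        }
    }' "${1:-/proc/modules}"
}

# Report whether further module loading is locked (kernel.modules_disabled=1).
# Argument: path to the sysctl file, defaulting to the live one.
module_loading_state() {
    f="${1:-/proc/sys/kernel/modules_disabled}"
    [ -r "$f" ] || { echo "unknown"; return 0; }
    case "$(cat "$f")" in
        1) echo "locked" ;;
        *) echo "open" ;;
    esac
}

# Demo on the constructed sample, then the live lock state.
sample_modules | flag_tainted_modules -
echo "module loading: $(module_loading_state)"
```

On a real host, run flag_tainted_modules with no argument and review every module it prints against what you expect to be installed.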