Increasing kernel security

James Turnbull

Published: 01 Nov 2006

What are some block and character devices available for increasing my kernel security?

The principal block and character devices related to kernel security are /dev/random and /dev/urandom. These devices allow the retrieval of random data for use in generating cryptographic keys and other applications that require secure random numbers. For example, they are used when generating SSH keys.

The /dev/random is a high entropy device that requires user-generated input for output randomness, like hitting the keyboard. If it can't get sufficient input, it will block until sufficient input is available. In comparison, if /dev/urandom hasn't got sufficient input, it will return a strong hash of what input it has. This is allegedly slightly less secure than the /dev/random model, but any attack that exploited it, while feasible, would be hard to initiate.

You can read about these devices in more detail here.

Dig Deeper on Linux servers

Related Q&A from James Turnbull

OSSEC implementation in Windows

A user wants to implement OSSEC on a Windows server because he has no server side Linux operating system. Continue Reading

Solaris 10 Trusted Extensions vs. SELinux

Solaris 10 Trusted Extensions and SELinux are best suited to different system requirements and administrator skill sets. Our security expert explains... Continue Reading

Spamassassin and dspam on Postfix

Configuring spam filters Spamassassin and dspam together in the email server Postfix is easy with the resources listed by our security expert. Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Data Center experts

View all Data Center questions and answers

SearchWindowsServer

Battle lines over Windows Server 2008 migration drawn

Microsoft and AWS stepped up their ongoing battle promoting a variety of Windows Server 2008 migration tools in hopes of luring ...

Build a PowerShell logging function for troubleshooting

A basic administrative skill is checking over logs to find out why something broke. Learn how to build a proper logging mechanism...

January Patch Tuesday fixes cryptography bug found by NSA

The U.S. National Security Agency shared information with Microsoft about a significant spoofing vulnerability in Windows that ...

SearchServerVirtualization

An introduction to VMware vRealize Operations Cloud

VMware is set to release a cloud-based management software as a service in 2020, which uses predictive analytics and AI features ...

Compare vCenter Foundation vs. Standard before implementing

VMware's vCenter software comes in two different versions: Foundation and Standard. Both enable SMBs to create hosts and VMs, but...

Red Hat Virtualization 4.3 updates to Cockpit are minor, but beneficial

Cockpit hasn't seen many changes with the latest RHV 4.3 update, but it still provides beneficial capabilities, such as the ...

SearchCloudComputing

Google Cloud support premium tier woos enterprise customers

Google Cloud has rolled out a new Premium Support offering aimed at deep-pocketed enterprises with larger, more complex ...

Confidential computing promises secure cloud apps

Adopt confidential computing to protect sensitive data in the cloud. Learn the basics about these technologies and evaluate ...

A comprehensive Azure instance comparison for your workloads

When it comes to choosing the best Azure compute instance for your workload, the options can be overwhelming. Use these tips to ...

Increasing kernel security

Dig Deeper on Linux servers

system software

How entropy sources help secure applications with SDLC

Use APM tools to find app anomalies, wherever they occur

buffer overflow

Related Q&A from James Turnbull

OSSEC implementation in Windows

Solaris 10 Trusted Extensions vs. SELinux

Spamassassin and dspam on Postfix

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchWindowsServer

Battle lines over Windows Server 2008 migration drawn

Build a PowerShell logging function for troubleshooting

January Patch Tuesday fixes cryptography bug found by NSA

SearchServerVirtualization

An introduction to VMware vRealize Operations Cloud

Compare vCenter Foundation vs. Standard before implementing

Red Hat Virtualization 4.3 updates to Cockpit are minor, but beneficial

SearchCloudComputing

Google Cloud support premium tier woos enterprise customers

Confidential computing promises secure cloud apps

A comprehensive Azure instance comparison for your workloads

Related Resources

Dig Deeper on Linux servers

system software

How entropy sources help secure applications with SDLC

Use APM tools to find app anomalies, wherever they occur

buffer overflow

Related Q&A from James Turnbull

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.