On Mon, Jul 02, 2001 at 09:46:35AM -0400, Robert Anderson wrote:
>
> If you're using modules you can force the order for two different
> ethernet cards like I have below. I'm using a 3Com and a Netgear card
> and wanted them in a specific order for my home firewall. Here's the
> file and lines I added. Note that the "3c509" and "tulip" are module
> names. You can get those names with a "/sbin/lsmod" command once the
> cards are working.
>
> file: "/etc/modules.conf"
>
> alias eth0 3c509
> alias eth1 tulip
This requires that you run a modular kernel. On a machine connected
directly to the Internet, or wherever security is a concern, I would
highly recommend against using a modular kernel. Using a modular
kernel can open you up to a variety of cool attacks, like herion and
Knark:
http://www.dataguard.no/bugtraq/1997_4/0059.html
http://www.sekure.net/~happy-h/progz/knark-0.50.tar.gz
These are kernel modules that an attacker can insert into your running
kernel to hide their activity, and/or hide backdoors and malicious
programs they've left behind, making it extremely difficult to
identify that your system has been compromised. There are other
interesting and nasty kernel modules, too...
--
---------------------------------------------------
Derek Martin | Unix/Linux geek
[EMAIL PROTECTED] | GnuPG Key ID: 0x81CFE75D
Retrieve my public key at http://pgp.mit.edu
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
