My host suggested I post the following question
"the processor specs of the server you're on Quad Core Intel Xeon CPU L5420 @ 2.50GHz. However, I might suggest that you ask in the ASL forums whether or not ASL will run properly on a virtual server, since you do not have access to modify the kernel directly."
Also how do I check the "Before You Start" info
Dedicated systems will be using the ASL hardened kernel. Depending on the distribution you are running, this can involve changes in the names of core modules on the system involved with SATA, SCSI, and Network card modules.
Known issues:
1and1 network card module name changes
Vmware SCSI emulation name changes
1and1 Checklist for /etc/modules.conf or /etc/modprobe.conf
Step 1) Enumerate hardware with /sbin/lspci
Step 2) Check network cards,
Ethernet controller: VIA Technologies, Inc. VT6102 [Rhine-II] was
alias eth0 8139too
change to
alias eth0 via-rhine
Step 3) Check SATA modules
I am new to such an install and I am lost by the above guidelines
Any guidance would be awesome
Philip
Kernal Access & Installation Question
-
scott
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Kernal Access & Installation Question
The first question then would be what kind of virtualization are you using? Xen, Vmware, virtuozzo, etc?
The ASL kernel is available for :
- a dedicated system, ie a regular server that is not virtualized
- a virtual server using vmware, this is also known as "hypervisor" or "full" virtualization. It will probably work in other systems that use full/hypervisor virtualization like kvm/qemu, etc.
The kernels are not available for guests in:
- xen virtualization, also known as "paravirtualization". These use special para-virt kernels
- vserver, openvz, virtutuozzo. Also known as "container" virtualization. These do not have kernels at all, and hence no kernel changes can be applied in separate containers.
Assuming you are on the latter two what does this mean for you? It means that while the kernel level protections in ASL are not available, it does mean you will be able to take advantage of the other features like the web application layer firewall, userspace IDS, vulnerability scanner, application inventory, etc.
The ASL kernel is available for :
- a dedicated system, ie a regular server that is not virtualized
- a virtual server using vmware, this is also known as "hypervisor" or "full" virtualization. It will probably work in other systems that use full/hypervisor virtualization like kvm/qemu, etc.
The kernels are not available for guests in:
- xen virtualization, also known as "paravirtualization". These use special para-virt kernels
- vserver, openvz, virtutuozzo. Also known as "container" virtualization. These do not have kernels at all, and hence no kernel changes can be applied in separate containers.
Assuming you are on the latter two what does this mean for you? It means that while the kernel level protections in ASL are not available, it does mean you will be able to take advantage of the other features like the web application layer firewall, userspace IDS, vulnerability scanner, application inventory, etc.
-
mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4155
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Kernal Access & Installation Question
Yes, ASL will install and run just fine in a virtual server. The only feature you will be missing is the secure kernel, because, as your hosting provider said, they will not allow you to install that feature.However, I might suggest that you ask in the ASL forums whether or not ASL will run properly on a virtual server, since you do not have access to modify the kernel directly."
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone