Atomicorp

I just installed CentOS5 fresh on my 1and1 server along with Plesk 8.3 and ASL and I am getting these alerts from OSSEC on a daily basis and I don't know what they mean...

Apr 8 08:00:49 246810 modprobe: WARNING: Error inserting x_tables (/lib/modules/2.6.23.1-3.art/kernel/net/netfilter/x_tables.ko): Operation not permitted

Apr 8 08:00:49 246810 kernel: grsec: From 68.106.**.***: denied modification of module state by /sbin/modprobe[modprobe:15324] uid/euid:0/0 gid/egid:102/102, parent /sbin/iptables[iptables:15323] uid/euid:0/0 gid/egid:102/102

Any help is appreciated!

Thanks!

The ASL kernel does not allow loading kernel modules at runtime. Apparently iptables is trying to load the x_tables module, but grsec is blocking this.

We try and force the loading of those in /etc/init.d/asl-mod. Normally they are loaded by the scripts (like the firewall script) that runs before asl-mod. The system will allow modules to be loaded until asl-mod turns module loading off. This is why it runs last (/etc/rc3.d/S99asl-mod).