Page 1 of 1

kernel.org was penetrated, a risk for me ?

PostPosted: Sat Sep 03, 2011 1:30 am
by koshie-Final-Release
Hi,

To beginning I'm sorry for my poor level in English. Also I'm a new user of GrSecurity. And finally this thread's not entierely about Grsecurity, so sorry if I'm asked in the wrong place.

The 1st of this month I've downloaded the source code of Linux 2.6.32.46, AMD64 for my server on Debian Squeeze. With the guys of #grsecurity@OFTC (thanks a lot again [:<) I've configured, compiled and installed a new kernel, it works perfectly.

I've see on a french website about Linux (linuxfr.org) a news about Hera server, which has been penetrated by someone and some stuffs have been modified, since more than fourteen days… It would seem that doesn't exist a risk for the source code of Linux. But I'm a little bit scared about that.

My server will been used in production for my own project (to eat and get a life, you know the weird and mysterious thing near to your computer screen).

A lot of people says there is no risk. But I want to ask you people of Grsecurity because I think you are really concerned about security.

Can I, with Grsecurity, see if some anormal things happens from my kernel ? If someone have really modified the source code, Grsecurity, RBAC and other things can protect me from a possible problem (rootkits, backdoors…) of that kind ?

Do you think it's better to re-download and re-compile a new source code of Linux ?

Cordially, Koshie