Attendees
- Arne
- Stefan
- Michael
- Peter
Log
Major infrastructure outage on 2018-08-29
- Was caused by installing updates on one host
- All services went down for several hours
- Some servers need to be booted manually; everything important is up again
- Infrastructure mailing list post
Moving to Suricata
- Some major bugs occurred during development
- CGI is currently poorly documented, still some work to do
- Basic tasks (starting, blocking, ...) work
- Peter looks at the configuration on 2018-09-15/16
- IDS bypass setting is useful for testing, but should be removed in production
Core Update 123
- Was rebuilt three times
- Some major bugs fixed (missing files for ARM)
- Intel published new microcodes with changed licence
- Mitigating CVE-2018-3640 requires kernel upgrades, which are scheduled for C124
- Looks good so far, but upload server is currently still down
Core Update 124
- EFI has been merged, absolutely no testing feedback
- New kernel scheduled
CPU vulnerabilities & Kernel security
- Disabling HyperThreading does not solve the underlying problem
- Some vulnerabilities need BIOS updates (huge problem)
- Current Linux kernel situation is very confusing
- Kernel developers need to sign various NDAs
- It is basically all shit and falling into pieces
- ARM64 looks like a good alternative, but process is slow
- Kernel self protection still needs some work (#11659)