Linux io_uring Proof-of-Concept Rootkit Bypasses System Call-Based Threat Detection Tools

Cybersecurity researchers recently demonstrated a proof-of-concept (PoC) rootkit named “Curing” that uses the Linux asynchronous I/O mechanism io_uring to bypass traditional system call monitoring. 01 Significant Blind Spots in Security Tools ARMO stated that this leads to “significant blind spots in Linux … Read more

IT Knowledge Base | Issue 78: The Directory Structure of Linux

The more you act, the more you know; the deeper your knowledge, the further you can go. To stimulate students’ interest and enthusiasm for studying information technology, the School of Information Technology has specially launched the “IT Knowledge Base” column. Continuous effort, like water dripping through stone, conveys the pulse of information, cultivates social talents, … Read more

Linux File Descriptors: The Core Mechanism of System I/O Operations

1. Overview of File Descriptors In Linux and other Unix-like operating systems, file descriptors are a core concept that provides a unified interface for programs to interact with files, devices, and other input/output (I/O) resources. Simply put, a file descriptor acts like a “ticket” or “handle” for programs to access these resources. Whenever a program … Read more

Exposing Linux Security Blind Spots: The io_uring Mechanism Can Bypass Mainstream Detection Tools

The ARMO research team recently disclosed significant flaws in Linux runtime security tools, confirming that the io_uring interface allows rootkits (kernel-level malware) to bypass conventional monitoring solutions. Tests show that mainstream tools, including Falco, Tetragon and even Microsoft Defender for Endpoint, are unable to … Read more

Linux Power Management (4) – Power Management Interface

Original: https://mp.weixin.qq.com/s/JX5PS7Cxs9mRzzl96cwzRg 1. Introduction A significant portion of Linux power management deals with functionalities such as Hibernate, Suspend, and Runtime PM. These functionalities are based on a similar logic, known as the “Power Management Interface.” The code for this interface is implemented in files such as “include/linux/pm.h” and “drivers/base/power/main.c.” Its main functions are: to define Device … Read more

Common Operations of Linux LVM

LVM (Logical Volume Manager) is the Linux subsystem for managing disk storage. It abstracts physical hard disk partitions into Physical Volumes (PV), combines them into Volume Groups (VG), and then divides them into Logical Volumes (LV). LVM supports dynamic resizing of volumes, snapshots, striping, and other … Read more

Linux Privilege Escalation Techniques (Part 1)

• 1. Basics of Linux Permissions • Linux Permission Management • Linux Security Mechanisms • 2. Understanding Various Shells • Interactive Shell and Non-Interactive Shell • Forward Shell and Reverse Shell • Common Reverse Shell Commands • 3. Information Gathering in Linux • Manual Enumeration of Basic Linux Information • Automated Enumeration of Basic Linux … Read more

Common Linux Network Configuration Commands and Examples

1. Network Interfaces
1.1 Configuring IP Address
yum install net-tools
# Use ifconfig
ifconfig eth0 192.168.1.3 netmask 255.255.255.0
# Add ipv6 address
ifconfig eth1 add 240e:981:f200::100/64
# Add network card alias
ifconfig eth0:0 192.168.1.10
# Use ip command to add/remove an IP
ip addr add 192.168.1.4/24 dev eth0
ip addr del 192.168.1.4/24 dev eth0
The … Read more