SentinelOne this week released Blacksmith, a free Linux tool that can detect Meltdown vulnerability exploitation attempts, so system administrators can stop attacks before they take root.
The company has been working on a similar tool to detect Spectre vulnerability attacks.
Though free, Blacksmith is not open source. SentinelOne decided to expedite its development in-house to save time, said Raj Rajamani, vice president of project management.
The company has made the tool available to everyone for free in the hope of securing Linux systems while reliable patches are developed, he told LinuxInsider.
The Meltdown vulnerability affects Intel chips and Linux-based systems. A similar design flaw, Spectre, affects AMD and ARM chips. No comprehensive solutions currently are available for either flaw.
Meltdown is a design flaw in all Intel chips produced in the last decade. It creates a vulnerability that puts Linux, Windows and macOS-powered computers at risk. The flaw is in the kernel that controls the chip performance that allows commonly used programs to access the contents and layout of a computer’s protected kernel memory areas.
Two key factors influenced SentinelOne to prioritize the Linux version of the tool. Linux is very susceptible to such attacks, with no comprehensive solution available. Also, Linux is the preferred OS of the world’s top supercomputers. That makes Linux a high-value target for attackers.
Those reasons made it clear that it was critical to help secure Linux environments as quickly and effectively as possible, said Migo Kedem, SentinelOne’s director of product management.
Source: https://www.linuxinsider.com/story/Free-Linux-Tool-Monitors-Systems-for-Meltdown-Attacks-85094.html
Submitted by: Arnfried Walbrecht
Comments are closed.