Reading the Linux 2.4 development tree
Linux 2.4 is in pre-release. I have spent a few evenings reading the development snapshot and running it on a test machine. The shape of the next decade of Linux is becoming clear.
Notes from the field
Writing
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged linux kernel — 7 results.
Reading the netfilter design
The 2.4 kernel's new firewall framework, netfilter, has been in development for over a year. Reading the design documents this week has clarified what the next decade of Linux firewalling is going to look like.
Linux capabilities, slowly becoming usable
POSIX capabilities have been in the Linux kernel since 2.2. The user-space tooling has been catching up slowly. A walk through what they are, what they enable, and where the rough edges still are.
Reading SYN cookie code in detail
Every defender should read the SYN cookies implementation in the Linux kernel at least once. It is short, clever, and a perfect example of a real-world cryptographic trick. A walk through the actual code.
Slackware 4.0 first impressions
The first major Slackware release of the 2.2 kernel era is here. After a fortnight of running it, the headline change is not the kernel — it is what becomes possible above it.
ipchains arrives, and the firewall improves
The 2.2 kernel ships ipchains, a new firewall framework that replaces ipfwadm. The interface is cleaner, the semantics are sharper, and the rule language is finally coherent. A walk through the upgrade.
Reading the kernel network stack
An evening spent reading the actual source code of the Linux kernel's TCP handling. What I expected to find versus what I actually found, and why every networking person should do this once.