Atomic Secured Kernel Modules

AED Kernel Modules List

• The following is a list of kernel modules that AED will force load on boot. This includes both modules that AED may use, as well as modules that are commonly used by other applications and should be loaded by default before the kernel is locked.

  • ip_tables

  • iptable_filter

  • iptable_nat

  • iptable_mangle

  • nf_nat

  • iptable_raw

  • x_tables

  • ipt_stealth

  • ipt_owner

  • ipt_REJECT

  • ipt_recent

  • ipt_REDIRECT

  • xt_tcpudp

  • xt_conntrack

  • nf_conntrack

  • nf_conntrack_ipv4

  • nf_conntrack_netbios_ns

  • nf_conntrack_broadcast

  • nf_conntrack_ftp

  • nf_conntrack_sane

  • nf_nat_ftp

  • nf_conntrack_sip

  • xt_state

  • xt_length

  • xt_recent

  • xt_limit

  • xt_mac

  • xt_physdev

  • xt_quota

  • xt_pkttype

  • xt_multiport

  • xt_mac

  • xt_MARK

  • xt_mark

  • xt_DSCP

  • xt_dscp

  • xt_tcpmss

  • xt_TCPMSS

  • xt_mark

  • xt_connlimit

  • xt_hashlimit

  • xt_connbytes

  • xt_connmark

  • xt_string

  • xt_owner

  • xt_iprange

  • xt_gradm

  • xt_TRACE

  • ipt_ECN

  • ipt_ecn

  • ipt_LOG

  • xt_CHAOS

  • xt_TEE

  • xt_pknock

  • xt_psd

  • xt_TARPIT

  • xt_fuzzy

  • xt_geoip

  • xt_lscan

  • xt_DELUDE

  • xt_pkttype

  • xt_comment

  • xt_NFQUEUE

  • nfnetlink_queue

  • nfnetlink

  • ipt_MASQUERADE

  • xt_u32

  • nfnetlink_log

  • tun

  • fuse

  • cifs

  • inet_diag

  • tcp_diag

  • aes_generic

  • aes_x86_64

  • twofish_x86_64

  • twofish_common

  • sha256_generic

  • cbc

  • ecb

  • dm_crypt

  • crypto_blkcipher

---

Does AED need all of these modules loaded?

• No. Most of these modules are force loaded because they are used by other parts of the operating system. AED only “needs” whatever modules the OS needs to work correctly for a specific configuration and use. Everyones system is different, so this a minimum set based on experience.