Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

Disable some Intel Platform Monitoring Technology Telemetry (PMT) modules

Browse Source
This commit is contained in:
Raja Grewal 2024-07-15 22:38:43 +10:00
parent 61941da375
commit 724435e56e
No known key found for this signature in database
GPG Key ID: 92CA473C156B64C4
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -156,6 +156,9 @@ disabling should first be blacklisted for a suitable amount of time.
- Intel Management Engine (ME): Provides some disabling of the interface between the
Intel ME and the OS.
- Intel Platform Monitoring Technology Telemetry (PMT): Disable some functionality
of the Intel PMT components.
- Network File Systems: Disable uncommon and legacy network file systems.
- Network Protocols: Wide array of uncommon and legacy network protocols are disabled.

9
etc/modprobe.d/30_security-misc_disable.conf
View File

@ -70,6 +70,15 @@ install gnss-usb /usr/bin/disabled-gps-by-security-misc
install mei /usr/bin/disabled-intelme-by-security-misc
install mei-me /usr/bin/disabled-intelme-by-security-misc
## Intel Platform Monitoring Technology Telemetry (PMT):
## Disable some functionality of the Intel PMT components.
##
## https://github.com/intel/Intel-PMT
##
install pmt_class /usr/bin/disabled-intelpmt-by-security-misc
install pmt_crashlog /usr/bin/disabled-intelpmt-by-security-misc
install pmt_telemetry /usr/bin/disabled-intelpmt-by-security-misc
## Network File Systems:
## Disable uncommon network file systems to reduce attack surface.
##