Index
Overview
The Spectre and Meltdown security vulnerabilities do not target the Statseeker product, rather they target the underlying operating system (OS) and hardware. As such the fixes for these issues were produced by the OS developers, Statseeker is simply including their fixes with the version of FreeBSD that is bundled with Statseeker. For more information on this issue, refer to the FreeBSD website (https://www.freebsd.org/).
Requirements
The version of FreeBSD which contains the fixes was distributed with Statseeker v5.4.2. In order to enable these fixes your Statseeker server must be v5.4.2 or higher.
Enable\Disable the Meltdown Fix
The Meltdown fix should be enabled by default on all Statseeker v5.4.2 (and above) servers. To check if the Meltdown fix is enabled on your Statseeker server:
- SSH to the Statseeker server
- Check the current state of the Meltdown fix with the following command
$ sysctl -a | grep pmap.pti
The response will contain the reference:
vm.pmap.pti:{value}
with a value of 1, indicating that the fix is enabled, and 0 indicating that it is not enabled.
You can alter the current state of the fix by:
- Modifying /boot/loader.conf
- Add a line for vm.pmap.pti: setting the value of 1 to enable, 0 to disable
- Reboot your Statseeker server
Enable\Disable the Spectre Fix
To check if the Spectre fix is enabled on your Statseeker server:
- SSH to the Statseeker server
- Check the current state of the Spectre fix with the following command
$ sysctl hw.ibrs_active
The response will contain the reference:
hw.ibrs_active:{value}
with a value of 1, indicating that the fix is enabled, and 0 indicating that it is not enabled.
You can alter the current state of the fix by:
- Modifying /boot/loader.conf
- Add a line for hw.ibrs_active: setting the value of 1 to enable, 0 to disable
- Reboot your Statseeker server