Honeypots mailing list archives
Sebek Issues
From: Maximillian Dornseif <dornseif () informatik rwth-aachen de>
Date: Sun, 20 Feb 2005 11:36:04 +0100
We (mostly Ilja van Sprundel) found some issues in sebek-linux 2.1.7. They are mostly of academic nature but they might be of interest to anybody studying the issues with kernel rootkits.
Probably ne least academic thing is sebekill which allows any binary to hide from sebek-linux 2.1
For details see http://blogs.23.nu/antlab/stories/6910/ Regards Maximillian Dornseif -- Maximillian Dornseif, Dipl. Jur. Laboratory for Dependable Distributed Systems, RWTH Aachen University Tel. +49 241 80-21431 - http://md.hudora.de/
Current thread:
- Sebek Issues Maximillian Dornseif (Feb 20)