Re: Working ROOTKIT

["Terry Cutler" <jedi31337 () gmail com>]

Great links all, thanks a billion...now for another twist (wouldn't be
IT without it), it's gotta work on Suse Linux enterprise Server SP2.

I'll try a few of these in the mean time.

On Thu, Oct 9, 2008 at 10:14 PM, Andre' - SemperSecurus
<sempersecurus () gmail com> wrote:
> Heya Terry,
>
> For starters, you could find and try:
> RatHole
> SucKIT
> Mood-NT 2.3
> Enyelkm
> Override
> Phalanx
>
> I'm pretty sure they'll all compile and run under 2.6 kernels.
>
> Andre'
>
> --
> Andre' M. Di Mino - SemperSecurus
> The Shadowserver Foundation
> adimino () shadowserver org
> http://www.shadowserver.org
> Skype: sempersecurus
> AIM: sempersecurus
>
> On Thu, Oct 9, 2008 at 4:47 PM, Terry Cutler <jedi31337 () gmail com> wrote:
> > Hey everyone, hope you're having a great week so far. I was wondering
> > if anyone knew of a working Linux ROOTKIT I could use to demonstrate
> > in a Security course I'm putting together. I'm not looking for ROOTKIT
> > revealers, but the actually malware.
> >
> > Thanks so much in advance !
> >
> > --
> > ./Terry Cutler
> > Master CNE , CDE, CLP, Certified Ethical Hacker
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Cenzic
> >
> > Security Trends Report from Cenzic
> > Stay Ahead of the Hacker Curve!
> > Get the latest Q2 2008 Trends Report now
> >
> > www.cenzic.com/landing/trends-report
> > ------------------------------------------------------------------------



-- 
./Terry Cutler
Master CNE , CDE, CLP, Certified Ethical Hacker

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------