Vulnerability Development mailing list archives
Re: [VULN-DEV] Positive uses for rootkits
From: Peter Pentchev <roam () orbitel bg>
Date: Wed, 18 Jul 2001 19:40:02 +0300
On Fri, Mar 23, 2001 at 07:14:45PM +0800, Chih hung Feng wrote:
on 3/22/2001 2:58 AM, Daniel McCranie at sfml () SNEAKERNETSECURITY COM wrote:3,4,5: I know that this probably wouldn't be good in a standard distro but what about a hardening kit? Has this been tried before? Is there something blatantly wrong?Some systems, like FreeBSD, set immutable flags for all setuid program by default. However this doesn't give you extra security cause the system runs in insecure mode after installation is finished (I don't recall FreeBSD provides secure-level options during installation).
It does, since 4.2-RELEASE. It lets you configure the 'security profile' of the installed/upgraded system, with four choices: Low, Medium, High and Extreme. Among other things (inetd/sendmail/portmap/NFS/sshd), the security profile sets the securelevel. G'luck, Peter -- "yields falsehood, when appended to its quotation." yields falsehood, when appended to its quotation.
Current thread:
- Re: [VULN-DEV] Positive uses for rootkits Peter Pentchev (Jul 18)