Vulnerability Development mailing list archives
Re: Positive uses for rootkits
From: "Martin 'Goran' Moravec" <goran () UCW CZ>
Date: Tue, 27 Mar 2001 23:16:52 +0200
That is a great strategy to follow. Take it another step tho. If this is a server we are talking about, don't even put devel. tools on the box. Build your small static kernel elsewhere and copy it to the box. There *are* wasy around this, but you gotta be good. If you play with memory locations directly, there are ways to load a module even on a static monloitic kernel.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ HOW ?! (with modules disabled) seems insane to me, although I'm not a kernel hacker.
But as I said, you gotta be real good. Read that as "no script kiddies" -b
Goran
Current thread:
- Re: Positive uses for rootkits, (continued)
- Re: Positive uses for rootkits Daniel R. Warner (Mar 25)
- Re: Positive uses for rootkits -> off-topic: booting tricks. Alex Schütz (Mar 27)
- Re: Positive uses for rootkits -> off-topic: booting tricks. ze Snark (Mar 28)
- Re: Positive uses for rootkits The Attitude Adjuster (Mar 25)
- Re: Positive uses for rootkits Ben Ford (Mar 28)
- Re: Positive uses for rootkits Big Woz (Mar 28)
- Re: Positive uses for rootkits Renee Teunissen (Mar 26)
- Re: Positive uses for rootkits Dick Visser (Mar 26)
- The use of immunix Renee Teunissen (Mar 26)
- Re: Positive uses for rootkits Ben Ford (Mar 27)
- Re: Positive uses for rootkits Martin 'Goran' Moravec (Mar 28)
- Re: Positive uses for rootkits Kev (Mar 28)
- Re: Positive uses for rootkits Ryan Permeh (Mar 29)
- Kernel-level security (was Re: Positive uses for rootkits) Craig Boston (Mar 29)
- Re: Positive uses for rootkits Gregor Binder (Mar 29)
- ICQ exploit Geo. (Mar 28)
- Re: ICQ exploit Jonathan James (Mar 28)
- Re: ICQ exploit Mikko Ruskola (Mar 28)
- Re: ICQ exploit Knud Erik Højgaard - CyberCity Support (Mar 28)
- Re: ICQ exploit John (Mar 28)