Honeypots mailing list archives

Previous By Date Next
Previous By Thread Next

Sebek Issues

From: Maximillian Dornseif <dornseif () informatik rwth-aachen de>
Date: Sun, 20 Feb 2005 11:36:04 +0100
We (mostly Ilja van Sprundel) found some issues in sebek-linux 2.1.7. They are mostly of academic nature but they might be of interest to anybody studying the issues with kernel rootkits.
Probably ne least academic thing is sebekill which allows any binary to hide from sebek-linux 2.1 

For details see http://blogs.23.nu/antlab/stories/6910/

Regards

Maximillian Dornseif

--
Maximillian Dornseif, Dipl. Jur.
Laboratory for Dependable Distributed Systems, RWTH Aachen University
Tel. +49 241 80-21431 - http://md.hudora.de/
Previous By Date Next
Previous By Thread Next

Current thread: