Vulnerability Development mailing list archives
Re: Positive uses for rootkits
From: Ben Ford <bford () ERISKSECURITY COM>
Date: Mon, 26 Mar 2001 06:25:21 -0800
I believe Medusa DS9 is capable of stopping this attack.

http://freshmeat.net/search/?q=medusa

-b

The Attitude Adjuster wrote:

> On Sun, 25 Mar 2001, Dick Visser wrote:
>
>> On Fri, 23 Mar 2001, Jonathan James wrote:
>>
>>> With Kernel Modules installed you've generally got 100% control of the current hosting operating system.
>>
>> So that's why I think it's better to build a minimal, static kernel without modules support. And once your kernel is OK and running, remove the .config file from your kernel source tree. If someone does get in and
>
> Even so, once you've got root/superuser/Administrator/Ring-0 (take your pick as appropriate) access, you can patch the kernel binary in memory if you really want to. It's a no-win scenario, as long as a user is capable of executing arbitrary code as "kernel mode".
>
> OTOH, if the operating system were designed such that there was no avenue for arbitrary code to ever be executed as "kernel mode", it would be a "winnable" game. What types (if any) of x86-based operating systems are there that are designed in this manner? I'm showing my ignorance here in not being able to articulate the formal name of this type of design.
>
> __ __ __ / /-//-/
> The Attitude Adjuster
> http://www.peeved.org
> ...so terribly unfashionable media productions...