Re: Rootkit?
Hello,
>just need to find one that offers additional protection WITHOUT
> needing a whole bunch of new config files to make and set,
I got stuck waiting for updated Kernel Security-Patches when new kernels are
released, so i use libsafe
(http://www.research.avayalabs.com/project/libsafe/) which seems to run nice
even in production environment.
Until now i only found one Binary not running, hwclock. This will be
terminated by libsafe because it seems to do nasty stuff :)
Bute there is an 'exclude these binarys please' file where this could be
specified....
ta@domainbox.de
the countless lonely voices, like whispers in the dark...
Reply to:
- References:
- Rootkit?
- From: "Domainbox, Tim Abenath" <ta@domainbox.de>
- Re: Rootkit?
- From: "Jason Lim" <maillist@jasonlim.com>