Re: how to fix rootkit?
On 02/08/12 18:07, Russell Coker wrote:
> On Thu, 9 Feb 2012, Stephen Hemminger <firstname.lastname@example.org> wrote:
>> The advice I heard is trust nothing (even reflash the BIOS).
> Do you know of any real-world exploits that involve replacing the BIOS? It's
> been theoretically possible for a long time but I haven't seen any references
> to it being done.
Exploits that are theoretically possible are implemented by private 3rd
I've a small collection of utilities I know that I'm the only one who
has a copy, though other tools that work the same way more then likely
> Also one thing to keep in mind is the apparent competence of the attackers.
> If they didn't bother changing debsums then it's unlikely that they did any of
> the other tricky things which have been discussed (such as trojaning the
A RedHat expert can alter a running Debian kernel, but might miss debsum.