[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#225456: ITP: skdetect -- program to detect the suckit rootkit



On Tue, Dec 30, 2003 at 02:35:41PM +0100, Benoit Mortier wrote:
Content-Description: signed data
> 
> maybe the statically linked package could be usefull alone in case of an 
> incident ?

I don't know (as I have never used this skdetect thing) but if it's useful
the statically linked version could be included in the chkrootkit package
too. In any case, if you have a kernel-level rootkit it is not really
relevant if you are useing a static-compiled or dynamicly-linked program, 
it can fool both. The only sure way is to analyse the system after powering 
it  off from trusted media.

Regards

Javi

Attachment: signature.asc
Description: Digital signature


Reply to: