Re: Rootkit?

To: <debian-isp@lists.debian.org>
Subject: Re: Rootkit?
From: "Domainbox, Tim Abenath" <ta@domainbox.de>
Date: Fri, 11 Jul 2003 15:42:17 +0200
Message-id: <[🔎] 006f01c347b2$3ea18770$2820a8c0@paul>
References: <[🔎] 002a01c3478a$dfa4bc00$2820a8c0@paul> <[🔎] 009b01c347b2$14f8b420$0200a8c0@mailfilter>

Hello,

>just need to find one that offers additional protection WITHOUT
> needing a whole bunch of new config files to make and set,

I got stuck waiting for updated Kernel Security-Patches when new kernels are
released, so i use libsafe
(http://www.research.avayalabs.com/project/libsafe/) which seems to run nice
even in production environment.
Until now i only found one Binary not running, hwclock. This will be
terminated by libsafe because it seems to do nasty stuff :)
Bute there is an 'exclude these binarys please' file where this could be
specified....

ta@domainbox.de
the countless lonely voices, like whispers in the dark...

Reply to:

References:
- Rootkit?
  - From: "Domainbox, Tim Abenath" <ta@domainbox.de>
- Re: Rootkit?
  - From: "Jason Lim" <maillist@jasonlim.com>

Prev by Date: Re: Rootkit?
Next by Date: Re: Rootkit?
Previous by thread: Re: Rootkit?
Next by thread: Re: Rootkit?
Index(es):
- Date
- Thread