[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian audititing tool?

On 00-12-21 Dan Hutchinson wrote:
> Sorry it was fornesics, but the code is basically matching the machine
> code, a unique pattern of 1's and 0's to the machine code of the kernal.

Well, but then you need to know all patterns of malicous code that could
occur. I think this will be a lot of patterns that you have to search
for, so that the search will take a long time.

> Unless you have a kernal file that doesn't have 1's and 0's in machine
> language, you can scan the code.  I am not sure how ASM code is written
> thou.

Well, ASM (assembler) comes also down to 1 and 0 if you think about
machine-code that is used by the processor. I thaught you wanted to scan
the code that you find beneath /usr/src/linux.

Ein "Nein" ausgesprochen mit der tiefsten Überzeugung ist besser
und größer als ein "Ja" um zu gefallen oder noch schlimmer, um
Schwierigkeiten zu umgehen.
  -- Mahatma Gandhi

Reply to: