also sprach Noah L. Meyerhans <frodo@morgul.net> [2002.01.11.2240 +0100]: > Oh, it certainly can! knark is a perfect example of a kernel module to > do just this. (knark is Swedish for "drugged".) It allows files, > processes, network connections, and network interface promiscuity to be > *completely* hidden. It allows the cracker to override what actual > binary file gets run when a user tries to run some other (possibly > hidden) executable. wow. a link please? http://www.sans.org/newlook/resources/IDFAQ/knark.htm ? -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck the remote desktop feature of windows xp is really nice (and *novel*!). as a micro$oft consultant can *remotely* disable the personal firewall and control the system. we'll ignore the fact that this tampering with the firewall is not logged, and more importantly, that the firewall isn't restored when the clowns from redmod are done with their job.
Attachment:
pgprq2J4ks1L4.pgp
Description: PGP signature