[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: I've been hacked by DevilSoul



also sprach Noah L. Meyerhans <frodo@morgul.net> [2002.01.11.2240 +0100]:
> Oh, it certainly can!  knark is a perfect example of a kernel module to
> do just this.  (knark is Swedish for "drugged".)  It allows files,
> processes, network connections, and network interface promiscuity to be
> *completely* hidden.  It allows the cracker to override what actual
> binary file gets run when a user tries to run some other (possibly
> hidden) executable.

wow. a link please?
http://www.sans.org/newlook/resources/IDFAQ/knark.htm
?

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
  
the remote desktop feature of windows xp is really nice (and
*novel*!). as a micro$oft consultant can *remotely* disable the
personal firewall and control the system. we'll ignore the fact that
this tampering with the firewall is not logged, and more importantly,
that the firewall isn't restored when the clowns from redmod are done
with their job.

Attachment: pgprq2J4ks1L4.pgp
Description: PGP signature


Reply to: