RE: what is means ? + rootkits..

To: <debian-security@lists.debian.org>
Subject: RE: what is means ? + rootkits..
From: "Jan Johansson" <jan.johansson@viking-telecom.com>
Date: Fri, 19 Apr 2002 16:11:04 +0200
Message-id: <[🔎] E823FA92099E6C4C854CE791DFA1A3D2B61750@got02.vikingtelecom.com>

> Am I just being paranoid, or is this sort of compromise 
> really possible?

And also: If the IDS "was there first" it would trigger on the modified kernel/module/library (or whatever) since it has to differ between the last check _before_ the infection and the first check _after_ infection.

Now, if the exploit was there first, the IDS is a moot point alltogether.


--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: RE: what is means ? + rootkits..
Next by Date: Re: what is means ? + rootkits..
Previous by thread: Re: Many Virtual Hosts security problem with PHP
Next by thread: mysql-server local DOS vulnerability
Index(es):
- Date
- Thread