Re: rootkit detection

To: debian-security@lists.debian.org
Subject: Re: rootkit detection
From: Philip Thiem <ptt@umr.edu>
Date: Mon, 11 Mar 2002 13:05:55 -0600
Message-id: <[🔎] 20020311190555.GD23950@umr.edu>
In-reply-to: <[🔎] Pine.LNX.3.96.1020310192045.5828A-100000@Maggie.Linux-Consulting.com>
References: <[🔎] 170169859394.20020310130747@anscheinend.net> <[🔎] Pine.LNX.3.96.1020310192045.5828A-100000@Maggie.Linux-Consulting.com>

He might have meant that he doesn't want to run the risk of getting 
a poor utility thinking that it is a good one(risk of security by ignorance), 
so he's asking for recommendations from people that might know something.  
However, he should understand program/technology limitations (e.g. they might 
not detect the latest root kit) and evaluate the tool on a "test" box before
putting it into production.  This is only a starting point, and from here
should seek to educate himself.


Philip Thiem

On Sun, Mar 10, 2002 at 07:30:56PM -0800, Alvin Oga wrote:
> but what kind of risk are you referring to ??

Reply to:

References:
- rootkit detection
  - From: "linux-dude@anscheinend.net" <Shadowfreak@gmx.net>
- Re: rootkit detection
  - From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>

Prev by Date: Re: best way to create pop only accounts
Next by Date: Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
Previous by thread: Re: rootkit detection
Next by thread: Rootkit Detection
Index(es):
- Date
- Thread