Re: DHCP - rootkit
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga (aoga@Maggie.Linux-Consulting.com):
> >> Um, Alvin? You might want to look up the definition of "rootkit".
> >
> > my definition ... anything that allows an un-educated user to just
> > run that tool to break into other peoples network and machines
> > ( there's too many "rootkits" to count )
>
> That's just not what a rootkit is. Sorry.
like i said ... that was my definition in 1 minute...
if you like a more formal definition of "rootkit" ...
http://whatis.techtarget.com/definition/0,289893,sid9_gci547279,00.html
> >> This confusion has also come up elsewhere, on LinuxToday:
> >> http://linuxtoday.com/news_story.php3?ltsn=2002-09-20-011-26-SC-SV
> >
> > tht just talks about arresting some poor soul ??
>
> Read the talkbacks, at the bottom.
i read all the talkbacks...
- no definition of rootkit posted in the talkbacks
- mostly the same arguments
( reformat or figure out what happened arguements after
( being kitted
- reformatting or resinstalling etc is bad ... in my book
> >>> - spoofing and other techie stuff requires one more year of school
> >>
> >> Setting a fake MAC address requires nothing more than reading the
> >> ifconfig manpage. Acquiring one to "borrow" requires nothing more than
> >> unning tcpdump or equivalent.
> >
> > yes... but setting up a fake mac address and few additional things
> > to do is the next level above the ordinary "tom-dick-harry" that
> > receives a rootkit via email, clicks it and now gets to attack
> > any machine susceptible to that rootkit
>
> 1. That's not what a rootkit does.
okay ... i agree ... use "hacking tools or script kiddit tools" in its
place or any other preferred word of choice
> 2. The sophistication required to read an ifconfig manpage is mighty
> low.
yup ... but still 1 level higher than all the "click on anything" script
kiddies
have fun
alvin
Reply to:
- References:
- Re: DHCP
- From: Rick Moen <rick@linuxmafia.com>