Re: Anti-Rootkit app


--- Dan Lukes <dan@xxxxxxxxx> wrote:

I need to install an anti-rootkid

If I understand correctly, an intruder need to be superuser to be able
to install a rootkit.

If our intruders has superuser privileges, they can tamper any
anti-rootkit.

Is the main reason to install anti-rootkit we count the intruders are
so dumb to look for one of port's anti-rootkit package before they do
it's dirt work ?

Or I miss something important ?

Dan

One solution would be to have /var/log/auth.log being tailed out via a serial
port to another computer that is not accessable via a network - or have it sent
to a printer for a permanent hard-copy. It all depends on how much you really
want to do in regard to security.

Cheers, Tim.


____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: Anti-Rootkit app
    ... securelevels, and a file system integrity checker, and you've got a pretty ... A common strategy with anti-rootkit software is to keep a copy of your ... A lot of computer intruders are dumb, and more important, lazy. ... security measures will keep the small fry and script kiddies at bay. ...
    (FreeBSD-Security)
  • Re: Anti-Rootkit app
    ... If our intruders has superuser privileges, they can tamper any anti-rootkit. ... Is the main reason to install anti-rootkit we count the intruders are so dumb to look for one of port's anti-rootkit package before they do it's dirt work? ...
    (FreeBSD-Security)
  • Re: Unwanted Security Toolbar
    ... I did not install the software. ... ingenuity of these intruders. ... P. Jayant ...
    (microsoft.public.security.virus)