Re: New release of Solaris secuirity module Papillon
From: Dave Aitel (dave@immunitysec.com)
Date: 04/22/03
- Previous message: Eric AUGE: "Re: distributed ssh key management"
- Maybe in reply to: Konrad Rieck: "New release of Solaris secuirity module Papillon"
- Next in thread: Konrad Rieck: "Re: New release of Solaris secuirity module Papillo"
- Reply: Konrad Rieck: "Re: New release of Solaris secuirity module Papillo"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 22 Apr 2003 11:36:47 -0400 From: Dave Aitel <dave@immunitysec.com> To: focus-sun@securityfocus.com
Good work, once again. In fact, there are probably many really cool
projects that could benefit from being built on your work - for example,
a kernel rootkit detection tool...
It didn't really detect my 0day local root - or not in a way that it can
distinguish between it, and lots of valid popen()s and execves() and
other normal activity. You should only warn if the current %PC is on a
non .text page, maybe?
-dave
On 20 Apr 2003 15:26:29 +0200
Konrad Rieck <kr@roqe.org> wrote:
> Hello,
>
> I am sending this mail again to the "Focus Sun" list, because it
> returned after one week pending without being accepted or rejected
> and I feel that it actually fits the focus of this mailing list.
>
> With this mail I'd like to announce a new release of my open source
> Solaris security module named Papillon. Source and binary packages are
> available at
>
> http://www.roqe.org/papillon
>
- Previous message: Eric AUGE: "Re: distributed ssh key management"
- Maybe in reply to: Konrad Rieck: "New release of Solaris secuirity module Papillon"
- Next in thread: Konrad Rieck: "Re: New release of Solaris secuirity module Papillo"
- Reply: Konrad Rieck: "Re: New release of Solaris secuirity module Papillo"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
