Re: Exploit or trojan

From: Steve Bremer (steveb_at_nebcoinc.com)
Date: 12/19/03

Next message: Myers, Mike: "RE: Exploit or trojan"

Previous message: dav: "Re: Exploit or trojan"
In reply to: Felipe Franciosi: "Re: Exploit or trojan"
Next in thread: Gil Disatnik: "Re: Exploit or trojan"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: focus-sun@securityfocus.com
Date: Fri, 19 Dec 2003 09:16:10 -0600

> A little addition here: Some Linux backdoors (Suckit, for example)
> doesn't work as a kernel module. It just opens /dev/kmem and patch it
> on the fly.

Using this method also requires more precision. If it's not done
properly, it can create stability problems as was the case when some
of the Debian servers were compromised.

Steve Bremer
NEBCO, Inc.
System & Security Administrator

Next message: Myers, Mike: "RE: Exploit or trojan"

Previous message: dav: "Re: Exploit or trojan"
In reply to: Felipe Franciosi: "Re: Exploit or trojan"
Next in thread: Gil Disatnik: "Re: Exploit or trojan"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]