Re: chkrootkit and LKM?
Valdis.Kletnieks_at_vt.edu
Date: 06/18/03
- Previous message: Rob Shein: "RE: chkrootkit and LKM?"
- In reply to: Blade Runner: "Re: chkrootkit and LKM?"
- Next in thread: Tim Greer: "Re: chkrootkit and LKM?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Blade Runner <blade@seven.com.br> Date: Wed, 18 Jun 2003 00:39:53 -0400
On Tue, 17 Jun 2003 16:47:52 -0300, Blade Runner <blade@seven.com.br> said:
> If possible, do not allow Loadable module support , maybe this can avoid
> future problems with lkm.
Please note that even if the kernel is built without loadable module support,
it is still possible to insert a module into the kernel - it just requires
a bit more effort on the part of the programmer.
Silvio Cesare's paper on doing this:
http://www.l0t3k.org/biblio/kernel/english/runtime-kernel-kmem-patching.txt
More than you ever wanted to know:
http://packetstormsecurity.nl/docs/hack/LKM_HACKING.html
- application/pgp-signature attachment: stored
- Previous message: Rob Shein: "RE: chkrootkit and LKM?"
- In reply to: Blade Runner: "Re: chkrootkit and LKM?"
- Next in thread: Tim Greer: "Re: chkrootkit and LKM?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
