Re: chkrootkit and LKM?

• Previous message: morning_wood: "Re: SNMP search for printers?"
• In reply to: Rob Shein: "RE: chkrootkit and LKM?"
• Next in thread: Andrew Ruef: "RE: chkrootkit and LKM?"
• Reply: Andrew Ruef: "RE: chkrootkit and LKM?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Rob Shein" <shoten@starpower.net>, 'Janus N. Tøndering' <janus@bananus.dk>, <incidents@securityfocus.com>
Date: Wed, 18 Jun 2003 09:21:45 -0700

> ----- Original Message -----
> From: "Rob Shein" <shoten@starpower.net>
> To: "'Tim Greer'" <chatmaster@charter.net>; "'Janus N. Tøndering'"
<janus@bananus.dk>; <incidents@securityfocus.com>
> Sent: Wednesday, June 18, 2003 12:47 AM
> Subject: RE: chkrootkit and LKM?
>

> This won't help if it's an LKM...LKM stands for "Linux Kernel Module,"

For some reason, I just saw 'chrootroot' and not LKM; hence my response.
Anyway, I always recommend people not compile in loadable module support if
they want a more secure kernel and to avoid this type of problem in the
future.

--
Regards,
Tim Greer  chatmaster@charter.net
Server administration, security, programming, consulting.
----------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the 
world's premier technical IT security event! 10 tracks, 15 training sessions, 
1,800 delegates from 30 nations including all of the top experts, from CSO's to 
"underground" security specialists.  See for yourself what the buzz is about!  
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
----------------------------------------------------------------------------

• Previous message: morning_wood: "Re: SNMP search for printers?"
• In reply to: Rob Shein: "RE: chkrootkit and LKM?"
• Next in thread: Andrew Ruef: "RE: chkrootkit and LKM?"
• Reply: Andrew Ruef: "RE: chkrootkit and LKM?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]