Hi! On 15:37 Thu 19 Aug , Anuz Pratap Singh Tomar wrote: > Hi all, > I came across this page about possible security exploit in kernel modules. > This page is very old(circa 1999), but it seems very interesting, I am > wondering if this is any more relevant or all the holes are well patched > now. > > http://www.packetstormsecurity.nl/docs/hack/LKM_HACKING.html#I.1. What they are describing are called rootkits. They still exist today and you do not even need to have loadable kernel modules enabled. There is also a tool called chkrootkit, which tries to detect them. However, if your attacker has gained root access, it pretty much means that you are doomed. -Michi -- programing a layer 3+4 network protocol for mesh networks see http://michaelblizek.twilightparadox.com -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
