Same thing makers of rootkits do change the way the apps operate (just
program in some sanity check prior to execution) alternatively make
aliases to the commands so that ps -auxf behaves like ps
On Tue, 2002-11-19 at 15:17, Steven Adams wrote:
> Hi,
> I am running slackware linux and i notice that on freebsd and some other
> distros when u type ps auxf it only outputs the processes your running and
> not anyone else..
>
> I was wondering how they made it do this..
>
> Ive also noticed that in a users home dir .bash_history is owned by the
> user.. But if the user trys to remove it or chmod it to a diferent setting
> it says operation not permitted.
>
> Ive also seen this before
> When someone trys a normal ping.
>
> ping: socket: Operation not permitted
>
> How are theses things done and is there a site thats tells u in detail on
> how to make your system secure
>
> /Steve
>
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
--
David Blomberg <dblomber@libertec.com>
Nihon Libertec
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
