"Dan Hutchinson" <[EMAIL PROTECTED]> writes:
> Sorry I miss read your response.
> Well you can get the source kernel and run it threw the fornesics program
> then compile it possible.
> Anyway it will help with open trojans and virus anyway.
There's a couple of things that could go wrong here:
- gcc could be modified to include a backdoor in the kernel,
something like the way described here:
http://www.acm.org/classics/sep95/
- The trojan could be a Linux kernel module that hides itself from
any system calls that might detect it, substituting innocuous code,
and different MD5 checksums. You can easily find modules like this
quite easily on the web.
--
Carey Evans http://home.clear.net.nz/pages/c.evans/
"May not be representative of the experience of actual customers."
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Rene Mayrhofer
- Re: Debian audititing tool? Jacob Kuntz
- Re: Debian audititing tool? Jan Martin Mathiassen
- Re: Debian audititing tool? Dan Hutchinson
- Re: Debian audititing tool? Rene Mayrhofer
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Colin Phipps
- Re: Debian audititing tool? Rene Mayrhofer
- Re: Debian audititing tool? Peter Cordes
- Re: Debian audititing tool? Carey Evans
- Re: Debian audititing tool? Ethan Benson
- Re: Debian audititing tool? Peter Cordes
- Re: Debian audititing tool? Peter Eckersley
- Re: Debian audititing tool? dginsburg
- Re: Debian audititing tool? Rainer Weikusat
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Rainer Weikusat
- Re: Debian audititing tool? Christian Kurz
- Re: Debian audititing tool? Pavel Minev Penev
