Re: kernel panic - help!?

2007-12-12 Thread Justin Banks
> > Dec 12 00:24:15 santorini kernel: EIP:0060:[]Not > > tainted VLI > > Dec 12 00:24:15 santorini kernel: EFLAGS: 00010246 (2.6.9-55.0.9.ELsmp) --^^^^^^ > Please tell the kernel version before post

Where's the create() pointer?

2008-01-19 Thread Justin Banks
ng that the ability to share mount structures between multiple NFS mounts resulted in some kind of fake superblock, but I just can't figure out where to find the functions. -justinb -- Justin Banks BakBone Software [EMAIL PROTECTED] -- To unsubscribe from this list: send the line "unsubscri

Re: Where's the create() pointer?

2008-01-19 Thread Justin Banks
Trond Myklebust wrote > > On Sat, 2008-01-19 at 08:07 -0700, Justin Banks wrote: > > It's probably been this way for a long time, and I'm just noticing, but > > I can't seem to find the create() (among others) pointer for NFS > > filesystems. > &g

Re: Where's the create() pointer?

2008-01-19 Thread Justin Banks
Trond Myklebust wrote > > On Sat, 2008-01-19 at 12:02 -0700, Justin Banks wrote: > > Trond Myklebust wrote > > > > > > On Sat, 2008-01-19 at 08:07 -0700, Justin Banks wrote: > > > > It's probably been this way for a long time, and I'm just n

Re: Out of tree module using LSM

2007-11-29 Thread Justin Banks
t; > Doesn't help statically linked binaries, or anything else that bypases glibc. Or NFS servers for that matter, either. -justinb -- Justin Banks BakBone Software [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of

Re: Out of tree module using LSM

2007-11-29 Thread Justin Banks
rather than 100% is that a reason for not trying to make it possible? It'd obviously not work for mmap, but as near as I can tell the whole point is to get the "normal" malware cases without having to do icky things like mangle the syscall table. -justinb -- Justin Banks BakBone So

Re: Out of tree module using LSM

2007-11-30 Thread Justin Banks
Al Viro wrote > On Thu, Nov 29, 2007 at 03:12:38PM -0700, Justin Banks wrote: > > > It's not perfect, but as was recently pointed out, if you can only get > > 98% of the way there rather than 100% is that a reason for not trying to > > make it possible? > > BTW

Re: After many hours all outbound connections get stuck in SYN_SENT

2007-12-20 Thread Justin Banks
c options. I'll still have > to anonymize 2000+ IP addresses, but I think there is an open source > tool that will do this for you. tcpdump -p -n -s 1600 -c 1 | perl -pe 's/(\d+\.\d+\.\d+\.\d+)/HIDE.THIS.IP.ADDR/g' -justinb -- Justin Banks BakBone Software [EMAIL PROTE