On Wed, 2002-02-13 at 20:37, Jeff Bonner wrote: > I have not, knock on wood, had a box compromised in > any way, so I have no practical experience in that regard. Whether > that's the result of my security efforts, or just pure luck, who knows.
I've had to deal with boxes built and maintained by other people being rooted. It's not fun :-( Especially when it's just a root kit. If it were something interesting, which I couldn't look up on Google, at least it'd be fun figuring that part out ;-) > Yeah, I've heard tidbits on them, but I don't know anything substantial > about it. I should probably make that "further reading". Found it! <http://phrack.org/show.php?p=58&a=7> They use /dev/kmem. But I'd bet that a little work work could get around turning off /dev/kmem. But, 'work' is above the abilities of your average script kiddie ;-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
