Dries Kimpe <[EMAIL PROTECTED]> writes: > Looking at all the nice things one can do with a modern (and > surprisingly easy to make) rootkit, I'm really thinking about just > avoiding modular kernels at any cost.
This was my attitude towards kernel modules, too, but nowadays, you have to expect that attackers patch the kernel even if you have disabled module support. -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898
