On Sun, 19 Nov 2000, David Lang wrote: > there is a rootkit kernel module out there that, if loaded onto your > system, can make it almost impossible to detect that your system has been > compramised. with module support disabled this isn't possible. Yes, it is. Easily. If you've got root you can modify the kernel image and reboot the bloody thing. And no, marking it immutable will not help. Open the raw device and modify relevant blocks. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] Please read the FAQ at http://www.tux.org/lkml/
- BTTV detection broken in 2.4.0-test11-pre5 Werner Almesberger
- Re: BTTV detection broken in 2.4.0-test11-pre5 Gerd Knorr
- Re: BTTV detection broken in 2.4.0-test11-pre5 Werner Almesberger
- Re: BTTV detection broken in 2.4.0-test11-... Gerd Knorr
- Re: BTTV detection broken in 2.4.0-tes... David Ford
- Re: BTTV detection broken in 2.4.... Gerd Knorr
- Re: BTTV detection broken in ... Keith Owens
- Re: BTTV detection broken... Gerd Knorr
- Re: BTTV detection broken... Keith Owens
- Re: BTTV detection broken in ... David Lang
- Re: BTTV detection broken... Alexander Viro
- Re: BTTV detection broken... Dan Hollis
- Re: BTTV detection broken... Christer Weinigel
- Re: BTTV detection broken... Alexander Viro
- Re: BTTV detection broken... Dan Hollis
- Re: BTTV detection broken... Ben Ford
- Re: BTTV detection broken... Dan Hollis
- Re: BTTV detection broken... Alan Cox
- Re: BTTV detection broken... Rogier Wolff
- Re: BTTV detection broken... Dan Hollis
- Re: BTTV detection broken... David Woodhouse
