Sometimes processes are created and destroyed too fast for chkrootkit
and you could get a false alarm. But that doesnt seem to be your case.
What chkrootkit does is check ps output against /proc information (which
should be the same). Try to change to /proc/PID for eg. /proc/26194 and
play with cmd
riginal Message -----
From: "Tony Meman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, December 07, 2002 3:29 PM
Subject: Re: Preventing DHCP from allocating IPs
Someone could just sniff the traffic, collect some valid MAC addresses
and use one of
them w
Someone could just sniff the traffic, collect some valid MAC addresses
and use one of
them when some box is down. MAC spoofing is trivial.
Regards,
--
none
Hasnain Atique wrote:
My solution was somewhat more elaborate.
I'd separated the network into sections, each connecting to a "backbone" o
ICMP doesnt use ports, what made you think it was port 3? Maybe you confused
with ICMP Type or Code. Can you check that?
Regards,
--
none
[EMAIL PROTECTED] wrote:
Hi
i have a strange communication between two of my Linux server, it's ICMP
packet on port 3.
Do you know what it could be ?
Thks
Is there any way to spoof MAC addr even if your NIC doesnt allow it?
If so, how?
--
none
On Mon, 2 Dec 2002, jon kintner wrote:
I know mac addresses can be spoofed pretty easily, but could you setup an
access list or filter that would disallow all mac addresses except for the
ones specified on
