> <
http://www.networkmagazine.com/shared/article/showArticle.jhtml?
> articleId=55301844&classroom=>
>
> html mail to keep line from wrapping - sorry
Heh, and for those of use using a proper mail client, it still wrapped because
all HTML was stripped from the message for display :)
Better way to avoid line wrap in URLs... tinyurl.com :)
> Interesting magazine - this month has a number of articles that I
> thought were interesting but this one caught my attention. Suggests that
> the day of the rootkit and 'poisoned' ls, ps etc. is/will be replaced
> with kernel modules that at the kernel level, can evade detection by
> typical security tools such as tripwire and at kernel level, can scrub
> itself from processes showing in things like top and ps.
>
> Seems as though the stakes of security administration is rising above
> and beyond the merely intelligent.
Think I've seen a lot about kernel module level rootkits in the last few years.
If it goes in as a module then there might be other ways to pick up on it that
it can't evade. Either kernels with no module support or a variation on the
rootkit module that is for security purposes to monitor what other modules get
loaded up by the system :)
It would be hidden, so even the rootkit wouldn't know it was there, heheh.
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)