Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: yes, its t0rn again
.

  • To: [EMAIL PROTECTED]
  • Subject: Re: yes, its t0rn again
  • From: Helmut Springer <[EMAIL PROTECTED]>
  • Date: Thu, 04 Jan 2001 18:08:53 +0100
  • In-reply-to: <[EMAIL PROTECTED]>
.
 
On Wed 2001-01-03 (15:51), Andreas Hasenack wrote:
> That may also not be enough. A library could have been hacked,
> md5sum should be statically linked. And, if a kernel module has
> been inserted, then all bets are off, you would have to reboot
> from a known kernel to be sure.

if you're playing rough you won't have modules support in the kernel
(as long as you can't make sure modules can't be tampered) and a
read only boot media checking the system from a read only core
system on startup.

yes, that somewhat makes system maintenance a pain.  the price to
pay.

--
MfG/best regards, helmut springer         Die andern schon scheintot,
                                          Du springst aufs Podest...
                                          Du bist besser dran, Brille,
                                          besser, viel besser als der Rest.
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.