Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Re: yes, its t0rn again

Re: yes, its t0rn again

From: Helmut Springer <delta_at_FAVEVE.UNI-STUTTGART.DE>
Date: Thu, 4 Jan 2001 14:29:26 +0100

On Wed 2001-01-03 (15:51), Andreas Hasenack wrote:
> That may also not be enough. A library could have been hacked,
> md5sum should be statically linked. And, if a kernel module has
> been inserted, then all bets are off, you would have to reboot
> from a known kernel to be sure.

if you're playing rough you won't have modules support in the kernel
(as long as you can't make sure modules can't be tampered) and a
read only boot media checking the system from a read only core
system on startup.

yes, that somewhat makes system maintenance a pain. the price to
pay. 

--
MfG/best regards, helmut springer         Die andern schon scheintot,
                                          Du springst aufs Podest...
                                          Du bist besser dran, Brille,
                                          besser, viel besser als der Rest.
Received on Jan 04 2001
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos