Vulnerability Development: Re: Positive uses for rootkits -> off-topic: booting tricks.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Positive uses for rootkits -> off-topic: booting tricks.

From: Alex Schütz <antitrack_legend () TELEKABEL AT>
Date: Mon, 26 Mar 2001 15:22:29 +0200

At 16:46 25.03.01 -0500, you wrote:

Something I like doing is leaving the kernel source there, but modify it
so it is unbootable.


I guess you now know why I usually have my kernel on a write-protected
bootdisk. The PC server default-boots from that disk. Many attackers are
not smart enough to modify the CMOS bios boot options before rebooting.
Even if they did, the boot-device is a SCSI harddisk on an SCSI controller
that has no boot-bios (NCR cheapo-controller), so it might be *really*
impossible to hack anything this way. And no IDE devices !

So we've found something 100% safe from remote-rebooting "a modified
kernel" at least. If that ever helps? God knows :-) Anyhow, sorry for being
so off-topic. Talk to you later,

Alex

By Date By Thread

Current thread:

Re: Positive uses for rootkits, (continued)
- Re: Positive uses for rootkits Jason Nicholls (Mar 23)
- Re: Positive uses for rootkits Jonathan James (Mar 25)
  - Re: Positive uses for rootkits Dick Visser (Mar 25)
    - Re: Positive uses for rootkits Ron DuFresne (Mar 25)
    - Re: Positive uses for rootkits Daniel R. Warner (Mar 25)
    - Re: Positive uses for rootkits -> off-topic: booting tricks. Alex Schütz (Mar 27)
    - Re: Positive uses for rootkits -> off-topic: booting tricks. ze Snark (Mar 28)
    - Re: Positive uses for rootkits The Attitude Adjuster (Mar 25)
    - Re: Positive uses for rootkits Ben Ford (Mar 28)
    - Re: Positive uses for rootkits Big Woz (Mar 28)
    - Re: Positive uses for rootkits Renee Teunissen (Mar 26)