Bugtraq mailing list archives

Re: Re[2]: snooper watchers


From: mcn () c3serve c3 lanl gov (Michael Neuman)
Date: Wed, 1 Mar 1995 11:14:41 -0600 (CST)


     The best thing to do is take the nit support out of the kernel and 
     remove /dev/nit.  Now someone would have to build a new kernel and 
     reboot the machine to replace the nit support.
     
Is it not possible for a hacker to set his own boot device before performing 
his reboot, and then reset it back to whatever-it-was later?  I.e., by messing 
with /dev/openprom or whatever it's called.

  Sounds too complex to me... 

  If you take out NIT, I know of two ways I can put it back in WITHOUT
rebooting. Modifying running kernels isn't all that hard. Remember,
anything is possible...

-Mike
mcn () EnGarde com
En Garde Systems
Computer Security Software and Consulting
