|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: [suse-security] masquerading and a monolithic kernel
From: Kurt Seifried (listuser
seifried.org)Date: Wed May 31 2000 - 05:24:07 CDT
- Next message: Timo Schulz: "[suse-security]: Netscape certificate"
- Previous message: Matthias Krawen: "Re: [suse-security] masquerading and a monolithic kernel"
- In reply to: Matthias Krawen: "Re: [suse-security] masquerading and a monolithic kernel"
- Next in thread: Arjen Runsink: "Re: [suse-security] masquerading and a monolithic kernel"
- Reply: Kurt Seifried: "Re: [suse-security] masquerading and a monolithic kernel"
- Reply: Arjen Runsink: "Re: [suse-security] masquerading and a monolithic kernel"
- Reply: Roman Drahtmueller: "Re: [suse-security] masquerading and a monolithic kernel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> >Experimenting with a firewall I compiled a monolithic kernel with
> >masquerading and without loadable module support so as to make it
> >impossible to subvert the kernel by a malicious module.
> I wondered about this too, but dont you need root-rights in order to load
a
> kernel modul ?
Not always =) Also once you load a module (like say NARK, a kernel level
rootkit for Linux) the sysadmin is f**ked, it's almost impossible to find
you've been taken over and recovery basically involves shutdown and a
reinstall. Getting rid of kernel module support is a good security addition
(it helps quite a bit).
>
> MfG
> Matthias
-Kurt
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
- Next message: Timo Schulz: "[suse-security]: Netscape certificate"
- Previous message: Matthias Krawen: "Re: [suse-security] masquerading and a monolithic kernel"
- In reply to: Matthias Krawen: "Re: [suse-security] masquerading and a monolithic kernel"
- Next in thread: Arjen Runsink: "Re: [suse-security] masquerading and a monolithic kernel"
- Reply: Kurt Seifried: "Re: [suse-security] masquerading and a monolithic kernel"
- Reply: Arjen Runsink: "Re: [suse-security] masquerading and a monolithic kernel"
- Reply: Roman Drahtmueller: "Re: [suse-security] masquerading and a monolithic kernel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]