OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Boris Lorenz (bololupa.de)
Date: Thu Apr 25 2002 - 09:46:56 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Yuppa,

    Roman Drahtmueller wrote:
    [...]
    > > Could you elaborate on that a little more? I thought, that the nastiest
    > > root-kits available exploit the module mechanisms? Not true?
    >
    > Negative... It's in one of the phrack magazines: manipulation of kernel
    > memory through /dev/mem, thereby making in possible to introduce new code.
    > So, you see: As long as you can manipulate memory, you're not safe.

    If anyone is interested, here's the article where Phrack #58 refers to
    in "Advances in Kernel Hacking":

    http://www.big.net.au/~silvio/runtime-kernel-kmem-patching.txt

    Boris Lorenz <bololupa.de> 

    ---

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here