NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Honeypots List> 2002-q1

From: Daisuke MIYAMOTO (daisu-miis.aist-nara.ac.jp)
Date: Fri Mar 08 2002 - 22:22:42 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michael Clark <mikehoneynet.org> wrote:

Auditing the I/O of pseude tty device or system calls might be one of the
good way. But, I think that a cracker can notice if kernel code of intruded host
had be modified.

Does anyone knows how to refer the kernel values of
vmware/jail/usermode-linux box from host OS ?

--- Daisuke MIYAMOTO IPLAB, Nara Institude of Science and Technology weburl:http://iplab.aist-nara.ac.jp/ mailto:daisu-mi

is.aist-nara.ac.jp

--------------------------------------------------------------------- To unsubscribe, e-mail: honeypots-unsubscribesecurityfocus.com For additional commands, e-mail: honeypots-helpsecurityfocus.com --------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities. Please, see: https://alerts.securityfocus.com/

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]