Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: New release of Solaris secuirity module Papillon
From: Dave Aitel (daveimmunitysec.com)
Date: Tue Apr 22 2003 - 10:36:47 CDT
Good work, once again. In fact, there are probably many really cool
projects that could benefit from being built on your work - for example,
a kernel rootkit detection tool...
It didn't really detect my 0day local root - or not in a way that it can
distinguish between it, and lots of valid popen()s and execves() and
other normal activity. You should only warn if the current %PC is on a
non .text page, maybe?
On 20 Apr 2003 15:26:29 +0200
Konrad Rieck <krroqe.org> wrote:
> I am sending this mail again to the "Focus Sun" list, because it
> returned after one week pending without being accepted or rejected
> and I feel that it actually fits the focus of this mailing list.
> With this mail I'd like to announce a new release of my open source
> Solaris security module named Papillon. Source and binary packages are
> available at