chkrootkir LKM Trojan ?
Toby Kelsey
toby_kelsey at ntlworld.com
Thu Jul 20 15:15:47 UTC 2006
Brian McKee wrote:
> Let's say I write a rootkit that is rkhunter aware, and chkrootkit
> aware, and
> modifies all the binaries on your machine invisibly - how do you find it?
The answer is always the same - you start from a known-good system, such as a
trusted boot media, and verify everything else.
> We can reduce this to absurdity. If God wants to rootkit you, he will.
You could always build your own hardware from raw materials and hand-write the
operating system. You need to choose the appropriate level of paranoia.
Toby
More information about the ubuntu-users
mailing list