Re: LKM rootkits in 2.6.x

From: Valdis . Kletnieks
Date: Thu Mar 11 2004 - 14:42:56 EST

Next message: Kevin Buhr: "Re: UID/GID mapping system"
Previous message: Måns Rullgård: "Re: LKM rootkits in 2.6.x"
In reply to: Jirka Kosina: "Re: LKM rootkits in 2.6.x"
Next in thread: Horst von Brand: "Re: LKM rootkits in 2.6.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 11 Mar 2004 11:26:23 PST, pg smith <pete@xxxxxxxxxxxxxx> said:
> Any thoughts on the future of LKM rootkits in the 2.6 kernel branch ? In

Speak of the devil...

Subject: Announcing full functional adore-ng rootkit for 2.6 Kernel
From: stealth <stealth@xxxxxxxxxxxx>
Date: Thu, 11 Mar 2004 10:27:00 +0000
To: bugtraq@xxxxxxxxxxxxxxxxx

Hi,

At http://stealth.7350.org/rootkits/adore-ng-0.41.tgz you find
the complete port of adore-ng for the Linux kernel 2.6. All
of the stuff you know from earlier kernel 2.4 versions such
as socket-, process- and file-hiding, syslog- and [uw]tmp filtering
has been ported. Additionally since version 0.32 a buffer overflow has
been fixed (doh!) which could lead to crashes when a lot of network
connections exist.

regards,
stealth-

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Kevin Buhr: "Re: UID/GID mapping system"
Previous message: Måns Rullgård: "Re: LKM rootkits in 2.6.x"
In reply to: Jirka Kosina: "Re: LKM rootkits in 2.6.x"
Next in thread: Horst von Brand: "Re: LKM rootkits in 2.6.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]