Re: Kernel Rootkits
From: Malita, Florin
Date: Fri Apr 15 2005 - 12:35:41 EST
On Fri, 2005-04-15 at 13:16 -0400, Richard B. Johnson wrote:
> I'm not sure there really are any "kernel" rootkits. You need to be
> root to install a module and you need to be root to replace a kernel
> with a new (possibly altered) one. If you are root, you don't
> need an exploit.
rootkit != exploit
The exploit is used to gain root privileges while the rootkit is used
after that to install & hide backdoors, sniffers, keyloggers etc.
http://en.wikipedia.org/wiki/Rootkit
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/