On Tue, 17 Aug 1999, Horst von Brand wrote: > fvw <fvw@chello.nl> said: > > On Tue, 17 Aug 1999, Jones D (ISaCS) wrote: > > > Sorry, I fail to see the connection between kernel modules and > > > trusted networks. > > > Kernel modules can hide evidence of a crack, thus allowing crackers to > > penetrate further into the network. > > So can a dozen other methods. If you got root, you've the run of the system > anyway. The _only_ way to go around that is to have a printer connected and > send all syslog there.
No, not really. Therer are two options:
1) Modify binaries. So loading binaries from a cdrom will defeat this.
2) Make everything all other users see a simulation. This simply not possible
because there aren't enough system resources. (At least not to do it
convincingly).
--
Frank v Waveren
fvw@chello.nl
ICQ# 10074100
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/