[clug] chkrootkit: LKM Trojan?
Peter Barker
pbarker at barker.dropbear.id.au
Thu Apr 1 00:33:34 GMT 2004
On Thu, 1 Apr 2004, Jepri wrote:
> Or you could just slap your knoppix cd into your CDROM drive, mount your
> hard drive and check it, secure in the knowledge that none of your
> anti-trojan tools have been tampered with.
Ah, but have they flashed your bios with something which looks /just like/
your old bios+lilo, but plays with your kernel before it gets booted?
Not that I'm paranoid or anything... after all, I haven't mentioned the
CPU microcode....
Yours,
--
Peter Barker | N _--_|\ /---- Barham, Vic
Programmer,Sysadmin,Geek | W + E / /\
pbarker at barker.dropbear.id.au | S \_,--?_*<-- Canberra
You need a bigger hammer. | v [35S, 149E]
"They'll need a whole new Orwellian pseudo-crime-name for that... I
suggest "digital molestation of kittens". - Jeremi (14640) from Slashdot
More information about the linux
mailing list