| 1 |
>> Amir Alsbih, who found out how to write a rootkit for the 2.6 series of |
| 2 |
>> the Linux kernel, now proposes a module, which uses the same method to |
| 3 |
>> prevent any other module to load into memory. |
| 4 |
> |
| 5 |
> Last version of hardened-sources has GrSecurity option for this: |
| 6 |
|
| 7 |
in general for servers it is a good idea to disable the function of |
| 8 |
loading modules in the kernel. this means that you have to compile all |
| 9 |
in your kernel, but never have the problems of such rootkits. |
| 10 |
|
| 11 |
greets pete |
| 12 |
-- |
| 13 |
gentoo-hardened@g.o mailing list |
Archives