Re: Anti-Rootkit app
--- Dan Lukes <dan@obluda.cz> wrote:
> >> I need to install an anti-rootkid
>
> If I understand correctly, an intruder need to be superuser to be able
> to install a rootkit.
>
> If our intruders has superuser privileges, they can tamper any
> anti-rootkit.
>
> Is the main reason to install anti-rootkit we count the intruders are
> so dumb to look for one of port's anti-rootkit package before they do
> it's dirt work ?
>
> Or I miss something important ?
>
> Dan
One solution would be to have /var/log/auth.log being tailed out via a serial
port to another computer that is not accessable via a network - or have it sent
to a printer for a permanent hard-copy. It all depends on how much you really
want to do in regard to security.
Cheers, Tim.
____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 8 之 10 篇):