From owner-freebsd-security@FreeBSD.ORG Fri Dec 2 00:46:10 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D614E16A41F for ; Fri, 2 Dec 2005 00:46:10 +0000 (GMT) (envelope-from trent.mcgrath@unix.net) Received: from smtpauth04.mail.atl.earthlink.net (smtpauth04.mail.atl.earthlink.net [209.86.89.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5269043D49 for ; Fri, 2 Dec 2005 00:46:10 +0000 (GMT) (envelope-from trent.mcgrath@unix.net) Received: from [24.233.181.65] (helo=[192.168.1.3]) by smtpauth04.mail.atl.earthlink.net with asmtp (Exim 4.34) id 1Ehz3e-00071M-4W; Thu, 01 Dec 2005 19:45:50 -0500 Message-ID: <438F990C.2090402@unix.net> Date: Thu, 01 Dec 2005 19:45:00 -0500 From: Trent McGrath User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 X-Accept-Language: en-us, en, ja MIME-Version: 1.0 To: iwan@staff.usd.ac.id References: <52765.202.65.114.229.1133424317.squirrel@webmail.usd.ac.id> <438E7375.5030100@open-networks.net> <63365.202.65.114.229.1133440742.squirrel@webmail.usd.ac.id> In-Reply-To: <63365.202.65.114.229.1133440742.squirrel@webmail.usd.ac.id> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms030909000609010906090601" X-ELNK-Trace: 364c4688019bdb4ee18d290b65f2f456239a348a220c2609bee5838141e84336bc9a484293f62b382601a10902912494350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 24.233.181.65 Cc: freebsd-security@freebsd.org Subject: Re: exploiting kernel X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: trent.mcgrath@unix.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Dec 2005 00:46:11 -0000 This is a cryptographically signed message in MIME format. --------------ms030909000609010906090601 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/security.html /etc/rc.conf kern_securelevel_enable="YES" kern_securelevel="1" and chflags(1) http://www.freebsd.org/cgi/man.cgi?query=chflags&apropos=0&sektion=0&manpath=FreeBSD+5.4-RELEASE&format=html Thank You, Trent McGrath MIT PGP Key ID: 0xECCF4586 Key fingerprint: 9A 50 CC 42 80 04 84 C0 39 2B 4C F5 FE 99 F7 6B EC CF 45 86 iwan@staff.usd.ac.id wrote: > I'm sorry my english makes confuse, my email mean: > I need to know about kernel's freebsd exploiting to > securing my box. And I need to know how hackers do that > (and what kind of tools they used) either. > > Thanks. > > >>iwan@staff.usd.ac.id wrote: >> >> >>>Hi, >>>Can kernel's freeBSD exploited by tools hacking ? If >>>true, >>>can I know how to fix this problem, and what tools can do >>>that. >>> >>>Thanks alot >>> >>> >>> >>>_______________________________________________ >>>freebsd-security@freebsd.org mailing list >>>http://lists.freebsd.org/mailman/listinfo/freebsd-security >>>To unsubscribe, send any mail to >>>"freebsd-security-unsubscribe@freebsd.org" >>> >>> >>> >>> >> >>thats a bit like asking how long is a piece of string. >>the port chkrootkit can help tell you if a root kit has >>been installed >>on your system, thats all i can tell you with the >>information you gave. >> > > > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > > --------------ms030909000609010906090601 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPyjCC BMgwggQxoAMCAQICBAIAApswDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxGDAWBgNV BAoTD0dURSBDb3Jwb3JhdGlvbjEcMBoGA1UEAxMTR1RFIEN5YmVyVHJ1c3QgUm9vdDAeFw0w MjA4MjcxOTA3MDBaFw0wNjAyMjMyMzU5MDBaMIHcMQswCQYDVQQGEwJHQjEXMBUGA1UEChMO Q29tb2RvIExpbWl0ZWQxHTAbBgNVBAsTFENvbW9kbyBUcnVzdCBOZXR3b3JrMUYwRAYDVQQL Ez1UZXJtcyBhbmQgQ29uZGl0aW9ucyBvZiB1c2U6IGh0dHA6Ly93d3cuY29tb2RvLm5ldC9y ZXBvc2l0b3J5MR8wHQYDVQQLExYoYykyMDAyIENvbW9kbyBMaW1pdGVkMSwwKgYDVQQDEyND b21vZG8gQ2xhc3MgMyBTZWN1cml0eSBTZXJ2aWNlcyBDQTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBALEeYGbgQwaeJ2gvApnHiN+F69tl7NRJZ3ouH83cFSzWHqzynUY6XQPA PQUsWhgNWSVCo3LArSjSrTwx4ksH+16Y66gz1mmyWp7qLEmmJi5M8MyrQNKq3ixOgbW6e7hc 0Hu9R/XABtLA5NdH22JAr6EcUQMY27jQu5THPHnqJWSuJhnhPGZHZ5Kde1WrNMJ1btknjp2M 8B3aa5yGBKKQteqdjM/7OUOo8BgtnvcZECycL+HQsf/XWcTNQDL514HbURzyQVKBQbGDuMgJ /pkiR4BPnMuu4CjVHKxwR7Alq6E4Qhdr+mpujV95+PYpAzCkbkbUhV2qQJk4dtseAX3lDKUC AwEAAaOCAacwggGjMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0 LmNvbS9jZ2ktYmluL0NSTC8yMDA2L2NkcC5jcmwwHQYDVR0OBBYEFPZSIhcVEwgDWb8YlZ9I tLnp/vhmMIGSBgNVHSAEgYowgYcwSQYKKoZIhvhjAQIBBTA7MDkGCCsGAQUFBwIBFi1odHRw Oi8vd3d3LnB1YmxpYy10cnVzdC5jb20vQ1BTL09tbmlSb290Lmh0bWwwOgYMKwYBBAGyMQEC AQMBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vc2VjdXJlLmNvbW9kby5uZXQvQ1AwWAYDVR0j BFEwT6FJpEcwRTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEcMBoG A1UEAxMTR1RFIEN5YmVyVHJ1c3QgUm9vdIICAaMwKwYDVR0QBCQwIoAPMjAwMjA4MjcxOTA3 MzFagQ8yMDA1MDIyMzIzNTkwMFowDgYDVR0PAQH/BAQDAgHmMA8GA1UdEwQIMAYBAf8CAQAw DQYJKoZIhvcNAQEFBQADgYEAtqewenGL4LqzgR42MnqGGNbxq005CHEGWmegSwHlMEBtibWe Faqxx/QKxlwO6TfeqJfH3M7Ncft0AgfcXxUnCFMHdtS5BunCd1AeysmwwkaBgACtRKpc1iDZ VTK+Vpbx6r2g47wNgDrqzPuaV+14pTY9VurR53TKNMPPsVHp4AwwggV7MIIEY6ADAgECAhEA 4fWXKHr+0Yjq6hgMkNH0OzANBgkqhkiG9w0BAQUFADCB3DELMAkGA1UEBhMCR0IxFzAVBgNV BAoTDkNvbW9kbyBMaW1pdGVkMR0wGwYDVQQLExRDb21vZG8gVHJ1c3QgTmV0d29yazFGMEQG A1UECxM9VGVybXMgYW5kIENvbmRpdGlvbnMgb2YgdXNlOiBodHRwOi8vd3d3LmNvbW9kby5u ZXQvcmVwb3NpdG9yeTEfMB0GA1UECxMWKGMpMjAwMiBDb21vZG8gTGltaXRlZDEsMCoGA1UE AxMjQ29tb2RvIENsYXNzIDMgU2VjdXJpdHkgU2VydmljZXMgQ0EwHhcNMDUwMjEzMDAwMDAw WhcNMDYwMjEzMjM1OTU5WjCB3zE1MDMGA1UECxMsQ29tb2RvIFRydXN0IE5ldHdvcmsgLSBQ RVJTT05BIE5PVCBWQUxJREFURUQxRjBEBgNVBAsTPVRlcm1zIGFuZCBDb25kaXRpb25zIG9m IHVzZTogaHR0cDovL3d3dy5jb21vZG8ubmV0L3JlcG9zaXRvcnkxHzAdBgNVBAsTFihjKTIw MDMgQ29tb2RvIExpbWl0ZWQxFjAUBgNVBAMTDVRyZW50IE1jR3JhdGgxJTAjBgkqhkiG9w0B CQEWFnRyZW50Lm1jZ3JhdGhAdW5peC5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB AJ0gDi8LH2wIo6Za5C0fj7cMJ3La4UFpqNH7zNAuAv5b9LroouBIcYxoFE+zSL/o34X5sgso hMZ82xw4IX4Jo5r7HcPn41YGrtmRlsqdA40/jBSgU2ylvzJDCymRIiYd/Cd/EU6qaya6Q7zA mXmCdRldVgWfnemQ+Weqtcu+zovVAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBT2UiIXFRMI A1m/GJWfSLS56f74ZjAdBgNVHQ4EFgQUZETYY/elclyYG2QbS89wcjoTtdUwDgYDVR0PAQH/ BAQDAgWgMAwGA1UdEwEB/wQCMAAwIAYDVR0lBBkwFwYIKwYBBQUHAwQGCysGAQQBsjEBAwUC MEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQEBMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2Vj dXJlLmNvbW9kby5uZXQvQ1BTMIGwBgNVHR8EgagwgaUwOKA2oDSGMmh0dHA6Ly9jcmwuY29t b2RvLm5ldC9DbGFzczNTZWN1cml0eVNlcnZpY2VzXzIuY3JsMDqgOKA2hjRodHRwOi8vY3Js LmNvbW9kb2NhLmNvbS9DbGFzczNTZWN1cml0eVNlcnZpY2VzXzIuY3JsMC2gK6ApgSdDbGFz czNTZWN1cml0eVNlcnZpY2VzXzJAY3JsLmNvbW9kby5uZXQwEQYJYIZIAYb4QgEBBAQDAgUg MCEGA1UdEQQaMBiBFnRyZW50Lm1jZ3JhdGhAdW5peC5uZXQwDQYJKoZIhvcNAQEFBQADggEB AI7oJI5fzi+UIheBLE+o+NOXMpu6xdfIURbGBys2uP/uHFQ/ihM06WFUYMUnb4ZEDuTLXtdF l1vp2bGBkxNVgQ3an1QwxGNn1RhH+OmSVDXtiadUPW5LCaQy+qi/MJg6SG7HIoimi0+nLiWz GI417RLBxtLisUHfwfMnEFCi1KRE300QkT0MheM3molYX1V9aYApr6FS/XhEDZMQmzUKEb6O LYXZNHqIxGtb4+RL6IgiE/C/ZaP4xPI/GR/5K9M9DvwwErb18Vcc1yddoU+aMpKrP/eBbQmv HS3zrRmq6J7vknZNuhxVusCV+vcCljjhRzalAUDRC/EKWNXZe3StpEwwggV7MIIEY6ADAgEC AhEA4fWXKHr+0Yjq6hgMkNH0OzANBgkqhkiG9w0BAQUFADCB3DELMAkGA1UEBhMCR0IxFzAV BgNVBAoTDkNvbW9kbyBMaW1pdGVkMR0wGwYDVQQLExRDb21vZG8gVHJ1c3QgTmV0d29yazFG MEQGA1UECxM9VGVybXMgYW5kIENvbmRpdGlvbnMgb2YgdXNlOiBodHRwOi8vd3d3LmNvbW9k by5uZXQvcmVwb3NpdG9yeTEfMB0GA1UECxMWKGMpMjAwMiBDb21vZG8gTGltaXRlZDEsMCoG A1UEAxMjQ29tb2RvIENsYXNzIDMgU2VjdXJpdHkgU2VydmljZXMgQ0EwHhcNMDUwMjEzMDAw MDAwWhcNMDYwMjEzMjM1OTU5WjCB3zE1MDMGA1UECxMsQ29tb2RvIFRydXN0IE5ldHdvcmsg LSBQRVJTT05BIE5PVCBWQUxJREFURUQxRjBEBgNVBAsTPVRlcm1zIGFuZCBDb25kaXRpb25z IG9mIHVzZTogaHR0cDovL3d3dy5jb21vZG8ubmV0L3JlcG9zaXRvcnkxHzAdBgNVBAsTFihj KTIwMDMgQ29tb2RvIExpbWl0ZWQxFjAUBgNVBAMTDVRyZW50IE1jR3JhdGgxJTAjBgkqhkiG 9w0BCQEWFnRyZW50Lm1jZ3JhdGhAdW5peC5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBAJ0gDi8LH2wIo6Za5C0fj7cMJ3La4UFpqNH7zNAuAv5b9LroouBIcYxoFE+zSL/o34X5 sgsohMZ82xw4IX4Jo5r7HcPn41YGrtmRlsqdA40/jBSgU2ylvzJDCymRIiYd/Cd/EU6qaya6 Q7zAmXmCdRldVgWfnemQ+Weqtcu+zovVAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBT2UiIX FRMIA1m/GJWfSLS56f74ZjAdBgNVHQ4EFgQUZETYY/elclyYG2QbS89wcjoTtdUwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwIAYDVR0lBBkwFwYIKwYBBQUHAwQGCysGAQQBsjEB AwUCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQEBMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8v c2VjdXJlLmNvbW9kby5uZXQvQ1BTMIGwBgNVHR8EgagwgaUwOKA2oDSGMmh0dHA6Ly9jcmwu Y29tb2RvLm5ldC9DbGFzczNTZWN1cml0eVNlcnZpY2VzXzIuY3JsMDqgOKA2hjRodHRwOi8v Y3JsLmNvbW9kb2NhLmNvbS9DbGFzczNTZWN1cml0eVNlcnZpY2VzXzIuY3JsMC2gK6ApgSdD bGFzczNTZWN1cml0eVNlcnZpY2VzXzJAY3JsLmNvbW9kby5uZXQwEQYJYIZIAYb4QgEBBAQD AgUgMCEGA1UdEQQaMBiBFnRyZW50Lm1jZ3JhdGhAdW5peC5uZXQwDQYJKoZIhvcNAQEFBQAD ggEBAI7oJI5fzi+UIheBLE+o+NOXMpu6xdfIURbGBys2uP/uHFQ/ihM06WFUYMUnb4ZEDuTL XtdFl1vp2bGBkxNVgQ3an1QwxGNn1RhH+OmSVDXtiadUPW5LCaQy+qi/MJg6SG7HIoimi0+n LiWzGI417RLBxtLisUHfwfMnEFCi1KRE300QkT0MheM3molYX1V9aYApr6FS/XhEDZMQmzUK Eb6OLYXZNHqIxGtb4+RL6IgiE/C/ZaP4xPI/GR/5K9M9DvwwErb18Vcc1yddoU+aMpKrP/eB bQmvHS3zrRmq6J7vknZNuhxVusCV+vcCljjhRzalAUDRC/EKWNXZe3StpEwxggReMIIEWgIB ATCB8jCB3DELMAkGA1UEBhMCR0IxFzAVBgNVBAoTDkNvbW9kbyBMaW1pdGVkMR0wGwYDVQQL ExRDb21vZG8gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9VGVybXMgYW5kIENvbmRpdGlvbnMg b2YgdXNlOiBodHRwOi8vd3d3LmNvbW9kby5uZXQvcmVwb3NpdG9yeTEfMB0GA1UECxMWKGMp MjAwMiBDb21vZG8gTGltaXRlZDEsMCoGA1UEAxMjQ29tb2RvIENsYXNzIDMgU2VjdXJpdHkg U2VydmljZXMgQ0ECEQDh9Zcoev7RiOrqGAyQ0fQ7MAkGBSsOAwIaBQCgggLBMBgGCSqGSIb3 DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA1MTIwMjAwNDUwMFowIwYJKoZI hvcNAQkEMRYEFEm6Vf49qghaPoucsZWGH/op1fUvMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZI hvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3 DQMCAgEoMIIBAwYJKwYBBAGCNxAEMYH1MIHyMIHcMQswCQYDVQQGEwJHQjEXMBUGA1UEChMO Q29tb2RvIExpbWl0ZWQxHTAbBgNVBAsTFENvbW9kbyBUcnVzdCBOZXR3b3JrMUYwRAYDVQQL Ez1UZXJtcyBhbmQgQ29uZGl0aW9ucyBvZiB1c2U6IGh0dHA6Ly93d3cuY29tb2RvLm5ldC9y ZXBvc2l0b3J5MR8wHQYDVQQLExYoYykyMDAyIENvbW9kbyBMaW1pdGVkMSwwKgYDVQQDEyND b21vZG8gQ2xhc3MgMyBTZWN1cml0eSBTZXJ2aWNlcyBDQQIRAOH1lyh6/tGI6uoYDJDR9Dsw ggEFBgsqhkiG9w0BCRACCzGB9aCB8jCB3DELMAkGA1UEBhMCR0IxFzAVBgNVBAoTDkNvbW9k byBMaW1pdGVkMR0wGwYDVQQLExRDb21vZG8gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9VGVy bXMgYW5kIENvbmRpdGlvbnMgb2YgdXNlOiBodHRwOi8vd3d3LmNvbW9kby5uZXQvcmVwb3Np dG9yeTEfMB0GA1UECxMWKGMpMjAwMiBDb21vZG8gTGltaXRlZDEsMCoGA1UEAxMjQ29tb2Rv IENsYXNzIDMgU2VjdXJpdHkgU2VydmljZXMgQ0ECEQDh9Zcoev7RiOrqGAyQ0fQ7MA0GCSqG SIb3DQEBAQUABIGAggnwcd7Q6PxR26YvZ0QW5mbCUl/U0YROJDCCjgmSBhuSXAgoAKLjqmaG IbFcpdWR7MDChfHVbKQnWsY5Yw+TvfbVxYo3zmXiMSWOJrS9JXkgsApoRVVUlz0O35ScJ0bK aDcCRBfdvjElw1GF40AAn+ixiqZIOS9L23Q9knGwtGUAAAAAAAA= --------------ms030909000609010906090601--