Date: Fri, 11 May 2001 20:57:32 +0200 From: =?us-ascii?Q?Jesus_Arnaiz?= <arnaiz@encomix.es> To: <lists@joemagee.com> Cc: <questions@freebsd.org> Subject: RE: Building a Trusted Rootkit Message-ID: <EPEJLCLAKFDENCGMPJJDCEOLDHAA.arnaiz@encomix.es> In-Reply-To: <200105111423.AA4456760@mail.joemagee.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Mensaje original----- > De: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]En nombre de Joe Magee > Enviado el: viernes, 11 de mayo de 2001 20:24 > Para: questions@FreeBSD.ORG > Asunto: Building a Trusted Rootkit > > > Hello all.. I'm working on a project to gather trusted binarys for BSD > releases... I'm building a Forensics Toolkit which will have trusted copies > of ps, ls, netstat, ifconfig, etc... so that these trusted commands can be > ran on a compromised machine via floppy or cdrom. > > I obviously can't just copy these files from a default install because I > want them to be staticly compiled them so they don't attempt to access > library files or anything like that... > > Can anyone point me in the right direction as to where to fine the source > files to complie them? Is there a perticular tarball i should be looking for? > You have a "install.sh" script in the "sources" or "src" directory of the #1 CD of FreeBSD, use: # ./install.sh bin Or use # /stand/sysinstall Configuration->Installation->Sources->Bin (or similar) > Thanks! > > Joe Magee > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > Regards! -- Jesus Arnaiz 0z0ne Inc I+D/IT Manager http://www.0z0ne.com mailto:jesus@0z0ne.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EPEJLCLAKFDENCGMPJJDCEOLDHAA.arnaiz>