From owner-freebsd-current Tue Jul 13 5:52:38 1999 Delivered-To: freebsd-current@freebsd.org Received: from kaly.iqm.unicamp.br (d2p67.mpcnet.com.br [200.246.29.195]) by hub.freebsd.org (Postfix) with ESMTP id 22C3014FD6 for ; Tue, 13 Jul 1999 05:52:07 -0700 (PDT) (envelope-from vazquez@iqm.unicamp.br) Received: by kaly.iqm.unicamp.br (Postfix, from userid 105) id 77B9C1DD; Tue, 13 Jul 1999 00:51:58 -0300 (EST) Date: Tue, 13 Jul 1999 00:51:58 -0300 From: Pedro A M Vazquez To: Nik Clayton Cc: "David E. Cross" , mestery@visi.com, Scott Michel , freebsd-current@FreeBSD.ORG Subject: Re: Just the kind of news we needed... Message-ID: <19990713005157.A26497@kaly.iqm.unicamp.br> References: <199907121841.OAA86709@cs.rpi.edu> <19990712232342.B19068@catkin.nothing-going-on.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.6i In-Reply-To: <19990712232342.B19068@catkin.nothing-going-on.org>; from Nik Clayton on Mon, Jul 12, 1999 at 11:23:42PM +0100 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Mon, Jul 12, 1999 at 11:23:42PM +0100, Nik Clayton wrote: > On Mon, Jul 12, 1999 at 02:41:32PM -0400, David E. Cross wrote: > > > > http://thc.pimmel.com/ > > > > > > > I actually found the article a very good source of documentation on > > > programming loadable modules for FreeBSD. Granted, I'm not sure of it's > > > accuracy, but it was a worthwhile read for someone like myself who has > > > only coded LKMs for Linux. Very interesting. > > > > Agreed. Perhaps we could (with the author's permission) import this a bit > > into the documentation project? > > He he. > > I'll contact them tomorrow, and see what I can work out. > yep the tutorial about kld is very good, the kewl topics about backdoors are as harmfull as building a trojaned kernel or tcpd wrapper. This article is like one of the sekure.org "teaching" how to "break" ssh after you got root on a given machine using ktrace. Not he's wrong but even Mitnick had beter ideas on VMS macines about trojaning PGP 5 years ago. Anyway while the article is very-very good it seems the markting was more slashdot oriented than security itself, I can see that "unknow user" at kernel@tdnet.com.br removing freebsd from his servers due freebsd being unsecure. I think articles like this one should be part of FBSD documentation not only as a digest but also with an url to the original paper, we had other good papers on *BSD internals in phrack and other uground publications that never got to www.freebsd.org > N > -- > [intentional self-reference] can be easily accommodated using a blessed, > non-self-referential dummy head-node whose own object destructor severs > the links. > -- Tom Christiansen in <375143b5@cs.colorado.edu> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message > -- Whenever you find that you are on the side of the majority, it is time to reform. -- Mark Twain To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message