Date: Mon, 31 Jan 2005 12:49:08 -0800 From: "Steven Alexander" <alexander.s@mccd.edu> To: "H. S." <security@revolutionsp.com>, <freebsd-hackers@freebsd.org> Subject: RE: syscall list Message-ID: <C246F099C408FE429BCEE7473E2DDC603E21C2@internet1.mccd.edu>
index | next in thread | raw e-mail
Syscalls are talked about in section 2.7 Forensic Analysis of a Live Linux System, Part Two http://www.securityfocus.com/infocus/1773 This article is more in depth on this point; it's by the same author. Detecting Kernel-level Compromises With gdb http://www.securityfocus.com/infocus/1811 I hope this helps. Steven -----Original Message----- From: H. S. [mailto:security@revolutionsp.com] Sent: Monday, January 31, 2005 12:01 PM To: freebsd-hackers@freebsd.org Subject: syscall list Hi, I don't remember how to extract the syscall list from the kernel. There was an article some time ago about this, and checking the syscall address to make sure it was not changed in the kernel. Could anyone point me to this article? I've tried to google around but didn't find it. Best Regards _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C246F099C408FE429BCEE7473E2DDC603E21C2>