From owner-freebsd-chat Fri Feb 14 20:39:49 2003 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 997FC37B401 for ; Fri, 14 Feb 2003 20:39:48 -0800 (PST) Received: from hotmail.com (f60.sea2.hotmail.com [207.68.165.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C11243F85 for ; Fri, 14 Feb 2003 20:39:48 -0800 (PST) (envelope-from puralifecr@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Fri, 14 Feb 2003 20:39:47 -0800 Received: from 200.9.59.10 by sea2fd.sea2.hotmail.msn.com with HTTP; Sat, 15 Feb 2003 04:39:47 GMT X-Originating-IP: [200.9.59.10] From: "pura life CR" To: freebsd-chat@freebsd.org Subject: Processes hiding techniques. Date: Fri, 14 Feb 2003 22:39:47 -0600 Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed Message-ID: X-OriginalArrivalTime: 15 Feb 2003 04:39:47.0829 (UTC) FILETIME=[45156A50:01C2D4AC] Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I would like to know what are current processes hiding techniques that can be used in FreeBSD for an intruder. I would like to know this for learning how to deal with this situation when I become a FreeBSD admin. For example, an user wants to run a nmap or password cracking or a irc bot, what can he do to hide the process so the admin when perform a ps -ax is not able to look the process. _________________________________________________________________ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message