Date: Mon, 22 Oct 2001 03:03:07 +0200 (SAST) From: The Psychotic Viper <psyv@sec-it.net> To: Andrew Johns <johnsa@kpi.com.au> Cc: CS <spork@fasttrackmonkey.com>, <freebsd-security@FreeBSD.ORG> Subject: Re: KLD detectors Message-ID: <20011022025913.G26647-100000@lucifer.fuzion.ath.cx> In-Reply-To: <3BD34BD2.B33C7D29@kpi.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Mon, 22 Oct 2001, Andrew Johns wrote: > CS wrote: > > > > Hello, > > > > Does anyone know of a program for FreeBSD to look for "hidden" KLDs? > > > > I found this for linux: > > > > http://www.hsc.fr/ressources/breves/LKMrootkits.html > > > > But so far, nothing for FreeBSD. > > > > Thanks, > > > > CS > > > > I found this a while ago - have never looked into it myself - > just saved the URL for times like this. > > http://www.chkrootkit.org > > They have versions for most un*x's. better yet they in the ports /usr/ports/security/chkrootkit =) and have no idea on how to check for them but you could enable kernel secure levels (if the machine is not going to use X or any securelevelphobic software) which would limit the chance of being bitten by a stray module. Just its not the all-curing-fix but limits what you would need to look at/check to avoid such nasties. HTH, PsyV To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011022025913.G26647-100000>