Date: Tue, 18 Nov 2008 14:29:44 +0100 From: Alexej Sokolov <bsd.quest@googlemail.com> To: FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: Re: =?utf-8?b?0J7RgtCy0LXRgjo=?= KLD loading, liking Message-ID: <20081118132944.GA2967@debian.samsung.router> In-Reply-To: <20081117204407.GY81783@hoeg.nl> References: <671bb5fc0811151927j6dcb5155oeffbf4cc95cbccb6@mail.gmail.com> <20081116100923.GU81783@hoeg.nl> <20081117113522.GA2732@debian.samsung.router> <65f70ae30811170735i60891633ja0791f3d73cee188@mail.gmail.com> <20081117204407.GY81783@hoeg.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 17, 2008 at 09:43:44PM +0100, Ed Schouten wrote: > * Aleksandr Litvinov <free.dvig@gmail.com> wrote: > > Hello, > > You can receive a little information about KLD from the book > > "designing BSD rootkits". > > I don't own this book myself, but a colleague at Snow B.V. once showed > it to me. I only looked through it a couple of minutes, but it seemed > like a book nice to have. It also shows some techniques on how to hide > KLD's. I have this book. It shows some techniques, but it doesn't explain many things. And for KLD loading it gives only easy examples without explaining how KLD-Loader works. It's not absolutely necessary to bye this book. There are some papers, which explain the topics of the book very well: 1. Fun and Games with FreeBSD Kernel Modules http://www.r4k.net/mod/fbsdfun.html 2. Attacking FreeBSD with Kernel Modules: http://packetstormsecurity.org/papers/unix/bsdkern.htm > > -- > Ed Schouten <ed@80386.nl> > WWW: http://80386.nl/ -- Alexej Sokolov <bsd.quest@googlemail.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081118132944.GA2967>