Back to list
Re: Re: Sebek not working
Aug 16 2006 02:23PM
r00m213 gmail com
Re: Sebek not working
Aug 16 2006 08:42PM
Siim Põder (siim poder_1398 eesti ee)
-----BEGIN PGP SIGNED MESSAGE-----
On 16.08.2006 17:23, r00m213 (at) gmail (dot) com [email concealed] wrote:
> How do I install it from a startup script, without anybody seeing
> where the modules are.
I have little backround on this, but you could try to use the
functionality found in most rootkits that hide some files after the
rootkit has been loaded. I spotted some potential work on someone doing
something like this with a couple of google searches, so there you go,
wouldnt hurt to look into it.
Or then you could rename the module to something obscure and
irrelevant-looking (somesort of alsa sound card driver
snd_oss_mixer_emulation_snd_snd_oss blah blah thing) and pretend that
it's absolutely neccessary to load. Also worth a shot.
At some distance down the corridor it seemed suddenly as if somebody
started to beat on a bass drum.
He listened to it for a few seconds and realized that it was just his
He listened for a few seconds more and realized that it wasn't his heart
beating, it was somebody down the corridor beating on a bass drum.
-- Douglas Adams
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
[ reply ]
Copyright 2010, SecurityFocus