On Mon, 8 May 2000, Piotr Wilkin wrote:
> On Sun, 7 May 2000, Ron Van Dam wrote:
> > Well my thought was if you are running syslog on another box you would have
> > somewhat of a temperproof
> > system. For instance an intruder compromises root. loads a kernel module to
> > hide his/her activities. If modules are logged there's one more piece of
> > evidence that the system has been compromised. Right now (under 2.2 kernels)
> > I do not see any logs when I load (or remove) modules.
> In case anyone else wants module loading/unloading logging, here is the
> patch against 2.3.99-pre7-6:
shouldn't modutils do the sysloggin?
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to email@example.com
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:12 EST