Re: [PATCH] RE: Future Linux devel. Kernels

From: Jeff Garzik (jgarzik@mandrakesoft.mandrakesoft.com)
Date: Mon May 08 2000 - 17:37:22 EST

Next message: Manoj Jose: "Searching DUD Generating Appns"
Previous message: kumon@flab.fujitsu.co.jp: "Re: 2.3.99-preX, Duplicated entries in /proc/irq"
In reply to: Piotr Wilkin: "[PATCH] RE: Future Linux devel. Kernels"
Next in thread: Sven Koch: "Re: [PATCH] RE: Future Linux devel. Kernels"
Reply: Sven Koch: "Re: [PATCH] RE: Future Linux devel. Kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 8 May 2000, Piotr Wilkin wrote:

> On Sun, 7 May 2000, Ron Van Dam wrote:
>
> > Well my thought was if you are running syslog on another box you would have
> > somewhat of a temperproof
> > system. For instance an intruder compromises root. loads a kernel module to
> > hide his/her activities. If modules are logged there's one more piece of
> > evidence that the system has been compromised. Right now (under 2.2 kernels)
> > I do not see any logs when I load (or remove) modules.
> >
> In case anyone else wants module loading/unloading logging, here is the
> patch against 2.3.99-pre7-6:

shouldn't modutils do the sysloggin?

Jeff

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Manoj Jose: "Searching DUD Generating Appns"
Previous message: kumon@flab.fujitsu.co.jp: "Re: 2.3.99-preX, Duplicated entries in /proc/irq"
In reply to: Piotr Wilkin: "[PATCH] RE: Future Linux devel. Kernels"
Next in thread: Sven Koch: "Re: [PATCH] RE: Future Linux devel. Kernels"
Reply: Sven Koch: "Re: [PATCH] RE: Future Linux devel. Kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:12 EST