> Alex Belits wrote:
> > I assume that after intruder/script/trojan/virus got root access, there
> > is nothing reasonable that can be done except wiping out and reinstalling
> > the system IMNSHO efforts should be made only to prevent that from
> > happening, not to find a way to fight already lost battle.
>
> Well, no. You can reboot from non-writable media containing a known-good
> kernel and signature checker and use that to check signatures on the rest of
> your system.
>
Then it will be too late. It may be useful only as the last resort
measure, but relying on such a thing will be stupid.
-- Alex---------------------------------------------------------------------- Excellent.. now give users the option to cut your hair you hippie! -- Anonymous Coward
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/