[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: One Way to Increase KDE security
From: Guillaume Laurent <glaurent () telegraph-road ! org>
Date: 2005-12-27 17:28:28
Message-ID: 200512271828.28621.glaurent () telegraph-road ! org
[Download RAW message or body]
On Tuesday 27 December 2005 17:57, Dave Feustel wrote:
> One of the big clues that I have an intruder in my system was that the
> permissions I was applying to those devices kept getting changed again
> after I set restricted permissions.
Is that the only indication you have about this ? On mandrake you have
security scripts which are run daily or even hourly and reset permissions on
most "sensitive" files, are you sure you're not seeing the same kind of
stuff ? I'd check your system logs first.
For what it's worth, I've had a linux machine rooted once (with the
'tornkit'). Believe me when I tell you that this kind of thing goes to a very
great length to hide itself. In short, you will *not* detect them simply by
seeing some permission changes. So I find it very unlikely that some cracker
would be cunning enough to crack an openBSD machine only to let himself be
detected so easily.
--
Guillaume.
http://www.telegraph-road.org
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic