Why the Linux Nuts are always lying

Message ID: 372181

Posted By: deepdistrust

Subject: Why the Linux Nuts are always lying

In our continuing 'Teach That Nut' programme, we bring the following offering from SANS on Linux rootkits.

http://www.sans.org/rr/whitepapers/linux/901.php

The term rootkit came about because it refers to the compromise of Unix superuser root.

The Linux Nuts can appreciate just how much effort is involved in ensuring that their Linux machine is not rooted, and in checking if it is. Hopefully, this will stop them from such glib lies as 'Linux is inherently secure' in the future. Hopefully, they will shut up about Windows security products, and start asking themselves why they are not running some of the programs mentioned in the paper.

(BTW, the SANS paper says:

"When a rootkit is installed, it overwrites many commands used on a daily basis such as ls, ps, or netstat. By overwriting such commands, the intrusion can be masked from the administrators."

Now, who was that moron that was railing against me for saying the same thing? Name escapes me for the moment, but it is a big PJ fan!)

This Yahoo! SCOX Message Board post has been licensed for copying and distribution under the following license:

CCL Attribution-NonCommercial-ShareAlike v2.0.