[nzlug] Strange semi-responding machine

Phillip Hutchings sitharus at sitharus.com
Thu Nov 23 17:06:24 NZDT 2006


On 11/23/06, Dirk Pilat <pilatdirk at mac.com> wrote:
> On Wed, 22 Nov 2006 14:04:04 +1300, Daniel Lawson <daniel at meta.net.nz>
> wrote:
>
> > Both of these options could explain high load average, although good
> > rootkits usually take pains to hide themselves completely.
>
> Are there rootkits out there running on Linux?
>
> Bummer. One selling point for Linux gone.

There are rootkits for every OS. The main difference is the difficulty
in getting the rootkit on the machine. If you have full admin access
you can do pretty much anything, but a remote user or an unprivileged
user shouldn't be able to install one. That's why Linux is more secure
than Windows.

Also, don't forget that any decent kernel will protect the system from
malicious code, not the user that runs it. So while you won't lose the
system you may lose your files...

-- 
Phillip Hutchings
http://www.sitharus.com/



