[832] in bugtraq
Re: Anti Hijacking tools
daemon@ATHENA.MIT.EDU (der Mouse)
Sat Jan 28 11:15:58 1995
Date: Sat, 28 Jan 1995 10:32:55 -0500
From: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
To: jsz@ramon.bgu.ac.il
Cc: bugtraq@fc.net
>> Here is a program that does some of what der Mouse's device driver
>> does but runs as program that edits /dev/kmem to disable the device
>> /dev/vd.
> AntiHijacking tool? It disables sun4's kernel ability to modload
> modules on fly,
Right; this is the whole point.
> thus also disables things like ppp, slip, et al.
Only if your ppp/slip requires loading a kernel module at run-time. My
serial IP code doesn't depend on LKMs at all. Most that do can
probably be loaded in /etc/rc.local before the door is locked.
> I won't call it a solution.
Well, you're welcome to call it - or not call it - whatever you like.
I don't call it a solution either, but more because the security can so
easily be defeated with the help of a reboot.
And of course, if your environment doesn't call for "things like ppp,
slip, et al", this doesn't matter at all. Nobody _has_ to use either
of these things; they're just one more option available that some may
choose to avail themselves of.
der Mouse
mouse@collatz.mcrcim.mcgill.edu
