[835] in bugtraq


Re: Anti Hijacking tools

daemon@ATHENA.MIT.EDU (Karl Strickland)
Sat Jan 28 14:17:38 1995

From: Karl Strickland <karl@bagpuss.demon.co.uk>
To: jsz <jsz@ramon.bgu.ac.il>
Date: Sat, 28 Jan 1995 18:17:01 +0000 (GMT)
Cc: shipley@merde.dis.org, bugtraq@fc.net, mouse@Collatz.McRCIM.McGill.EDU,
        cert@cert.org
In-Reply-To: <9501281335.AA00928@ramon.bgu.ac.il> from "jsz" at Jan 28, 95 03:35:11 pm

> 
> > 
> > Here is a program that does some of what der Mouse's device
> > driver does but runs as a program that edits /dev/kmem to disable
> > the device /dev/vd.
> > 
> > I did what I can to bulletproof the code so that it does not stomp on
> > the wrong device driver.
> > 
> > Written and tested under 4.1.3u1
> > 
> > 		-Pete
> > 		shipley@dis.org
> 
> 
> AntiHijacking tool? It disables sun4's kernel ability to modload modules
> on the fly, thus also disables things like ppp, slip, et al. I won't call it
> a solution.

Also note that there's nothing to stop someone opening /dev/kmem and putting
the correct cdevsw[] entries back in place.  If you don't need loadable modules,
they're safer out of your kernel.  If you do need them, better stop people
fucking about with /dev/kmem after you've disabled them via this method.

-- 
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               |                    Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl@bagpuss.demon.co.uk
                                          |
