Solaris 10 Rootkits.

Solaris 10 Rootkits.
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Solaris 10 Rootkits. Mike Cox 03-01-2005
Posted by Mike Cox on March 1, 2005, 7:48 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I was reading the Solaris 10 story on slashdot.org, when I came across a
link someone had posted. In essence, the article writer said that DTrace
makes writting rootkits easy for Solaris 10. I wonder, is this something
that is utter garbage, or is this something Solaris 10 users need to worry
about?

Here is the link the slashdot poster posted that details why DTrace make
rootkits easy to write for Solaris 10. I hope some Solaris Kernel engineers
can tell us if we need to worry or that this is all theoretical nonsense.
Thank you.

http://www.ccc.de/congress/2004/fahrplan/files/67-sun-bloody-daft-solaris-me
chanisms-paper.pdf




Posted by Markus Gyger on March 2, 2005, 6:02 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Mike Cox writes:
> Here is the link the slashdot poster posted that details why DTrace make
> rootkits easy to write for Solaris 10.
>
> http://www.ccc.de/congress/2004/fahrplan/files/67-sun-bloody-daft-solaris-me
> chanisms-paper.pdf

Considering that many people have the foundation source code of
Solaris 8 and that code of OpenSolaris should also be available
soon (as well as many edu customers who have access to the full
source for many years) the situation is likely somewhat similar
to other OSes like Linux or *BSD where the source is available?


Markus


Similar ThreadsPosted
Solaris - Diameter stack - RFC3588?? April 10, 2008, 3:38 am
Sony, Rootkits And Digital Rights Management Gone Too Far November 1, 2005, 10:08 pm
HPSBMA02288 SSRT071465 rev.1 - HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) November 14, 2007, 11:35 am
HPSBMA02236 SSRT061260 rev.1 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution August 29, 2007, 1:19 pm
HPSBMA02236 SSRT061260 rev.2 - HP OpenView Performance Manager (OVPM) Running Shared Trace Service on HP-UX, Solaris, and Windows, Remote Arbitrary Code Execution October 31, 2007, 2:50 pm

The site map in XML format XML site map

Contact Us | Privacy Policy