Re: Re[2]: snooper watchers

Michael Neuman (mcn@c3serve.c3.lanl.gov)
Wed, 1 Mar 1995 11:14:41 -0600 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: F. L. Charles Seeger III: "Re: Re[2]: snooper watchers"
Previous message: fast forward futurama: "Re: Re[2]: snooper watchers"
In reply to: Karl Strickland: "Re: Re[2]: snooper watchers"
Next in thread: Karl Strickland: "Re: Re[2]: snooper watchers"

> >      The best thing to do is take the nit support out of the kernel and 
> >      remove /dev/nit.  Now someone would have to build a new kernel and 
> >      reboot the machine to replace the nit support.
> >      
> is it not possible for a hacker to set his own boot device before performing 
> his reboot, and then reset it back to whatever-it-was later?  ie by messing 
> with /dev/openprom or whatever its called

  Sounds too complex to me... 

  If you take out NIT, I know of two ways I can put it back in WITHOUT
rebooting. Modifying running kernels isn't all that hard. Remember,
anything is possible...

-Mike
mcn@EnGarde.com
En Garde Systems
Computer Security Software and Consulting

Next message: F. L. Charles Seeger III: "Re: Re[2]: snooper watchers"
Previous message: fast forward futurama: "Re: Re[2]: snooper watchers"
In reply to: Karl Strickland: "Re: Re[2]: snooper watchers"
Next in thread: Karl Strickland: "Re: Re[2]: snooper watchers"