ok I'll check it out ! Thanks Tyler. Appreciate it
On Fri, Oct 10, 2008 at 3:53 PM, Tyler Hudak <thudak (at) korelogic (dot) com [email concealed]> wrote:
> The one I used was the linux rootkit v5 which is pretty old and may
> not work on the version of suse you are running. IIRC, that has an
> install script you run which installs it on the system.
>
> Terry Cutler wrote:
>> Cool...thanks so much for sharing. Do you happen to have the
>> instructions you used to install it / use it ? I kinda behind the 8
>> ball and every minute counts.
>>
>> Thanks a million in advance !
>>
>>
>> On Fri, Oct 10, 2008 at 9:29 AM, Tyler Hudak <thudak (at) korelogic (dot) com [email concealed]> wrote:
>>> DOH! Never mind. Just saw the other messages in the thread. :)
>>>
>>> Terry Cutler wrote:
>>>> Great links all, thanks a billion...now for another twist (wouldn't be
>>>> IT without it), it's gotta work on Suse Linux enterprise Server SP2.
>>>>
>>>> I'll try a few of these in the mean time.
>>>>
>>>> On Thu, Oct 9, 2008 at 10:14 PM, Andre' - SemperSecurus
>>>> <sempersecurus (at) gmail (dot) com [email concealed]> wrote:
>>>>> Heya Terry,
>>>>>
>>>>> For starters, you could find and try:
>>>>> RatHole
>>>>> SucKIT
>>>>> Mood-NT 2.3
>>>>> Enyelkm
>>>>> Override
>>>>> Phalanx
>>>>>
>>>>> I'm pretty sure they'll all compile and run under 2.6 kernels.
>>>>>
>>>>> Andre'
>>>>>
>>>>> --
>>>>> Andre' M. Di Mino - SemperSecurus
>>>>> The Shadowserver Foundation
>>>>> adimino (at) shadowserver (dot) org [email concealed]
>>>>> http://www.shadowserver.org
>>>>> Skype: sempersecurus
>>>>> AIM: sempersecurus
>>>>>
>>>>> On Thu, Oct 9, 2008 at 4:47 PM, Terry Cutler <jedi31337 (at) gmail (dot) com [email concealed]> wrote:
>>>>>> Hey everyone, hope you're having a great week so far. I was wondering
>>>>>> if anyone knew of a working Linux ROOTKIT I could use to demonstrate
>>>>>> in a Security course I'm putting together. I'm not looking for ROOTKIT
>>>>>> revealers, but the actually malware.
>>>>>>
>>>>>> Thanks so much in advance !
>>>>>>
>>>>>> --
>>>>>> ./Terry Cutler
>>>>>> Master CNE , CDE, CLP, Certified Ethical Hacker
>>>>>>
>>>>>> ------------------------------------------------------------------------
>>>>>> This list is sponsored by: Cenzic
>>>>>>
>>>>>> Security Trends Report from Cenzic
>>>>>> Stay Ahead of the Hacker Curve!
>>>>>> Get the latest Q2 2008 Trends Report now
>>>>>>
>>>>>> www.cenzic.com/landing/trends-report
>>>>>> ------------------------------------------------------------------------
On Fri, Oct 10, 2008 at 3:53 PM, Tyler Hudak <thudak (at) korelogic (dot) com [email concealed]> wrote:
> The one I used was the linux rootkit v5 which is pretty old and may
> not work on the version of suse you are running. IIRC, that has an
> install script you run which installs it on the system.
>
> Terry Cutler wrote:
>> Cool...thanks so much for sharing. Do you happen to have the
>> instructions you used to install it / use it ? I kinda behind the 8
>> ball and every minute counts.
>>
>> Thanks a million in advance !
>>
>>
>> On Fri, Oct 10, 2008 at 9:29 AM, Tyler Hudak <thudak (at) korelogic (dot) com [email concealed]> wrote:
>>> DOH! Never mind. Just saw the other messages in the thread. :)
>>>
>>> Terry Cutler wrote:
>>>> Great links all, thanks a billion...now for another twist (wouldn't be
>>>> IT without it), it's gotta work on Suse Linux enterprise Server SP2.
>>>>
>>>> I'll try a few of these in the mean time.
>>>>
>>>> On Thu, Oct 9, 2008 at 10:14 PM, Andre' - SemperSecurus
>>>> <sempersecurus (at) gmail (dot) com [email concealed]> wrote:
>>>>> Heya Terry,
>>>>>
>>>>> For starters, you could find and try:
>>>>> RatHole
>>>>> SucKIT
>>>>> Mood-NT 2.3
>>>>> Enyelkm
>>>>> Override
>>>>> Phalanx
>>>>>
>>>>> I'm pretty sure they'll all compile and run under 2.6 kernels.
>>>>>
>>>>> Andre'
>>>>>
>>>>> --
>>>>> Andre' M. Di Mino - SemperSecurus
>>>>> The Shadowserver Foundation
>>>>> adimino (at) shadowserver (dot) org [email concealed]
>>>>> http://www.shadowserver.org
>>>>> Skype: sempersecurus
>>>>> AIM: sempersecurus
>>>>>
>>>>> On Thu, Oct 9, 2008 at 4:47 PM, Terry Cutler <jedi31337 (at) gmail (dot) com [email concealed]> wrote:
>>>>>> Hey everyone, hope you're having a great week so far. I was wondering
>>>>>> if anyone knew of a working Linux ROOTKIT I could use to demonstrate
>>>>>> in a Security course I'm putting together. I'm not looking for ROOTKIT
>>>>>> revealers, but the actually malware.
>>>>>>
>>>>>> Thanks so much in advance !
>>>>>>
>>>>>> --
>>>>>> ./Terry Cutler
>>>>>> Master CNE , CDE, CLP, Certified Ethical Hacker
>>>>>>
>>>>>> ------------------------------------------------------------------------
>>>>>> This list is sponsored by: Cenzic
>>>>>>
>>>>>> Security Trends Report from Cenzic
>>>>>> Stay Ahead of the Hacker Curve!
>>>>>> Get the latest Q2 2008 Trends Report now
>>>>>>
>>>>>> www.cenzic.com/landing/trends-report
>>>>>> ------------------------------------------------------------------------
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>> --
>>> Tyler Hudak
>>> Sr. Security Consultant
>>> KoreLogic Security
>>> 330-208-2286
>>> PGP Fingerprint: 1BA0 6E09 B385 1B26 AFD0 855E 4DB1 B00C C746 95DB
>>>
>>
>>
>>
>
> --
> Tyler Hudak
> Sr. Security Consultant
> KoreLogic Security
> 330-208-2286
> PGP Fingerprint: 1BA0 6E09 B385 1B26 AFD0 855E 4DB1 B00C C746 95DB
>
--
./Terry Cutler
Master CNE , CDE, CLP, Certified Ethical Hacker
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
[ reply ]