[Snort-users] LKM detection
fygrave at ...121...
Fri Apr 6 13:42:29 EDT 2001
On Fri, Apr 06, 2001 at 01:02:27PM -0400, tmiller wrote:
> I just finished a paper on how to detect LKM rootkits. Here is the
You may mention this code as well. :) Was quite handy back in linux 2.0.xx times:
probably needs a bit of modification for linux 2.2.x and 2.4.x (haven't played with lkms on linux for ages)
More information about the Snort-users