-
(nearly) Complete Linux Loadable Kernel Modules -- the
definitive guide for hackers, virus coders and system
administrators, by pragmatic / THC, version 1.0, released
03/1999.
-
Attacking FreeBSD with Kernel Modules -- The System Call
Approach, by pragmatic / THC, version 1.0, released 06/1999
-
Solaris Loadable Kernel Modules -- Attacking Solaris with
loadable kernel modules, by Plasmoid / THC , version 1.0,
(c) 1999.
-
Abuse of the Linux Kernel for Fun and Profit, by halflife,
Phrack 50, April 9, 1997.
-
check-ps, by Duncan Simpson, is a program that is designed
to detect rootkit versions of ps that fail to tell you about
selected processes.
-
rkscan, is a shell script rootkit scanner for Linux.
-
Widespread Compromises via "ramen" Toolkit, CERT Incident
Note IN-2001-01.
-
ramenfind, by William Stearns, is a tool to detect and
remove the Ramen Worm from infected Linux machines.
-
Adore Worm, security advisory written by Matt Fearnow and
William Stearns.
- adorefind,
by William Stearns, is a tool to detect and remove the Adore
Worm on infected Linux machines.
-
Carbonite v1.0, by Kevin Mandia and Keith J. Jones is a
Linux Kernel Module to aid in rootkit detection.
-
MA-026.062001: Rootkit Attack, security advisory written by
the MyCERT about rootkits.
-->
-
Apache/mod_ssl Worm, CERT Advisory CA-2002-27.
Propagation of "Slapper" OpenSSL/Apache Worm Variants,
Internet Security Systems Security Alert. -->
-
Other security related links
|