* Alias:
> MICHAEL wrote:
>> * Alias:
>>> MICHAEL wrote:
>>>> * Alias:
>>>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any other
>>>>> malware. http://www.ubuntu.com/
>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php Linux RootKits For
>>>> Beginners - From Prevention to Removal
>>>>
>>>> One day while reading a mail list for the Linux Users Group in my hometown I
>>>> discovered a call for help. It was a posting from a novice Linux user with a
>>>> disturbing issue. While doing some routine checks on a Linux system, he found a user
>>>> that had been added to the system with the user id of 0 (root). His first thought was
>>>> that it might be a rootkit. He wanted to know what he could do to verify it was a
>>>> rootkit and how to remove it from the system. He further asked for suggestions on
>>>> preventative measures to ensure this kind of attack does not reoccur. That situation
>>>> prompted me to write this paper to an understanding of rootkits and its effects. This
>>>> paper will also discuss how to monitor for a rootkit, and the steps that need to be
>>>> taken to remove one.
>>>>
>>> I never said that a firewall wasn't necessary. Ubuntu comes with one built-in. I would
>>> also recommend a router hard firewall.
>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias
>>
>> You said "never", you were wrong.
>>
>> "Absolute truth" is for absolute fools.
>>
>>
>> -Michael
>
> Is there an echo in here?
Only the echoes of your foolish nonsense.
> If one has Ubuntu that comes with a firewall
So does Vista.
> and a router with a firewall how, pray tell, will anyone install a root kit?
You never stated that in your original reply.
"Use Ubuntu and never worry about a virus, root kit
or any other malware." -Alias
I see no mention of using additional security measures.
Now you bring up the "ifs". If a Window user properly
secures their machine, they will not suffer from rootkits, either.
Amazing that there are programs for Linux rootkit removal
when there are no Linux machines getting infected.
Amazing such warnings, as the below, exist if no Linux users were being
infected.
http://www.juniper.net/security/auto/vulnerabilities/vuln734.html
Severity: HIGH
Description:
The Satori Linux Rootkit is a collection of publicly available Trojan utilities that target
Linux systems. It is also known as Linux Rootkit 4 and is distributed by The Crackers Layer.
Based on the original Rootkit Trojan utilities, Satori provides similar functionality; it
replaces system utilities with backdoor versions that allow attackers to steal system
information, monitor activities, spawn root shells, and take control of a target machine.
Satori is either installed by other Trojans or worms, or by attackers exploiting other system
vulnerabilities. An attacker may also be able to trick users into installing Satori onto their
systems.
Affected Products:
Linux Kernel Many
--------------------------------------
Amazing that there's another Linux Rootkit detector,
RKProfiler LX, if there are no Linux rootkit infections.
These people/programmers/companies must just like
to waste their time coming up with these useless products.
http://weblog.infoworld.com/securityadviser/archives/2007/02/new_linux_rootk.html
New Linux rootkit detector.
RKProfiler LX is divided into two parts: a data collection component called "Rootkit Profiler
Module" (RKPmod) and a data interpretation component called "Rootkit Profiler Console"
(RKPconsole).
RKPmod is a kernel module that gets loaded on the system that should be checked for the
presence of a kernel rootkit. There are other ways to perform data collection, but currently
only this approach is publicly available.
http://www.trapkit.de/research/rkprofiler/rkplx/rkplx.html
RKProfiler LX currently supports the following Linux Distributions:
- SUSE Linux Enterprise Server 10 (x86, 32-bit)
- SUSE Linux Enterprise Desktop 10 (x86, 32-bit)
- Ubuntu 7.04 (x86, 32-bit)
- openSUSE 10.2 (x86, 32-bit)
Amazing how foolish you really are.
Carry on.
-Michael