[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] Memory leak (hacked?)
On Wed, 7 Apr 2004, Joe Knapka wrote:
> Or, you may be hacked. A clever intruder can insert modules
> into the kernel (which is why a public server shouldn't have
> module load/unload enabled), and can also hide the fact that
> he's done so. A malicious module that simply allocated
> pages as fast as it could would cause the behavior you're
Common misperception, but it actually makes no difference. Even if you
disable module loading / unloading, attackers can still insert LKMs.
Modern linux rootkits do exactly this....