User: Password:
|
|
Subscribe / Log in / New account

Known-exploit detection for the kernel

Known-exploit detection for the kernel

Posted Dec 19, 2013 9:36 UTC (Thu) by zlynx (subscriber, #2285)
In reply to: Known-exploit detection for the kernel by dlang
Parent article: Known-exploit detection for the kernel

A really well informed attacker can try to jam the log server with nonsense UDP or TCP resets. He'd need access to the log server network of course.

If he can DOS the log server, it won't record anything except a pile of junk. Once he gets root he can kill -9 the log service, clean the logs and restart it.

Just another thing to watch out for.


(Log in to post comments)

Known-exploit detection for the kernel

Posted Dec 19, 2013 16:30 UTC (Thu) by Funcan (subscriber, #44209) [Link]

A sufficiently advanced attacked can also break in and steal the log server. I doubt most people are facing that level of APT most of the time though...


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds