From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1E8Nyu-0002k7-In for garchives@archives.gentoo.org; Thu, 25 Aug 2005 20:05:48 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j7PK2d3D016972; Thu, 25 Aug 2005 20:02:39 GMT Received: from vms040pub.verizon.net (vms040pub.verizon.net [206.46.252.40]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j7PJsiGa013697 for ; Thu, 25 Aug 2005 19:54:44 GMT Received: from mail.joat.com ([71.114.133.129]) by vms040.mailsrvcs.net (Sun Java System Messaging Server 6.2 HotFix 0.04 (built Dec 24 2004)) with ESMTPA id <0ILS004HYNDCGQF0@vms040.mailsrvcs.net> for gentoo-user@lists.gentoo.org; Thu, 25 Aug 2005 14:56:00 -0500 (CDT) Received: from localhost (cornholio.joat.com [127.0.0.1]) by mail.joat.com (Postfix) with ESMTP id 932F1488D for ; Thu, 25 Aug 2005 15:55:59 -0400 (EDT) Received: from mail.joat.com ([127.0.0.1]) by localhost (cornholio [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 15869-01 for ; Thu, 25 Aug 2005 15:55:53 -0400 (EDT) Received: from cdnebinge (jnet.state.pa.us [206.224.31.162]) by mail.joat.com (Postfix) with ESMTP for ; Thu, 25 Aug 2005 15:55:53 -0400 (EDT) Date: Thu, 25 Aug 2005 15:57:17 -0400 From: "Dave Nebinger" Subject: RE: [gentoo-user] Forgotten root password on remote system In-reply-to: <5248cd50050825122236e99b70@mail.gmail.com> To: Message-id: <003f01c5a9af$325ec610$3a01010a@jnetlab.lcl> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 X-Mailer: Microsoft Outlook, Build 10.0.6626 Content-type: text/plain; charset=iso-8859-1 Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal DomainKey-Signature: a=rsa-sha1; h=Received:Received:From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:In-Reply-To:Importance:X-MimeOLE:X-Virus-Scanned; b=WZTAzdl0S3oCE+Mqkurgr4fgrLBJb3GEW9kAd0OxOtIBPCTA0n114h1zV/1DEKEZtnCFmF+QOzx4AdJvQaKzo4bv7U9axbYPcAfJH/cG9h4UwG9pbVr/AeXf/Ci11tidBK62Nw3l+arbVGLDG5raw2wsmKU2j95ZvSk3T0mRKSk=; c=nofws; d=joat.com; q=dns; s=selector1 X-Virus-Scanned: amavisd-new 2.3.2 (20050629) at joat.com X-MIME-Autoconverted: from quoted-printable to 8bit by robin.gentoo.org id j7PJsiGa013697 Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by robin.gentoo.org id j7PK2d3W016972 X-Archives-Salt: 3f52869f-6854-4e6b-a48f-40bcacbde0c9 X-Archives-Hash: 87e1578c348460fe4f9091f759ca65ea > Well, I just remembered hearing about rootkits.=A0I think all=20 > you need is access to a user and a rootkit, but I haven't=20 > used one so I wouldn't know...but a simple google search=20 > came up with some linux rootkits=A0:p Sure, but is it really something you want to install on your system? It might get you in, but how do you ensure you remove it completely and fast enough to ensure that no one else can access the system while you're doing it? Besides, how do you know which rootkit will work with your=20 system? Don't you think the kernel developers would be fixing holes that allowed rootkits in? Yes you get a lot of hits from google, but if you look at them Most of them are worthless. Even for hits that point at some rootkits you find that they are pretty darn old. "Compiled=20 under FreeBSD 4.3" or "Targets kernel 2.[24]". Not very practical these days. --=20 gentoo-user@gentoo.org mailing list