xarchiveshash:6c344dadc5f61fb5d6600e44990cffd3

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download:

* [gentoo-user]  Re: Excessive processor usage
  @ 2007-08-06 17:36 99%       ` James
  0 siblings, 0 replies; 1+ results
From: James @ 2007-08-06 17:36 UTC (permalink / raw
  To: gentoo-user

Hans-Werner Hilse <hilse <at> web.de> writes:

> > If you want to check there is no such program on your system, I
> > advice you to try chkrootkit, to check there is no such rootkit on
> > your system...

> To put it correctly, since there is _NO_ way to assure that there isn't
> a rootkit:

> chkrootkit can be used to check whether there _are_ _known_ rootkits.

> BTW, there are other, similar programs that do the same.
> But my point is: You can never be sure, since a hypothesis can't be
> proven correct, just invalid.

Well you are right and you are wrong.
You are right for noobs.

If the person has a second system and sets up a flat hub and the
ethernet in stealth mode, you can sniff the ethernet I/O all day
long and use a variety of tools to discern if nefarious activities
abound on a given system. Sure it's a bit of work, but all hacked
systems I've ever seen use the system to ethernet I/O.  They can
encrypt that traffic, but if you know what should/not be traversing
the ethernet, there is no way to hide an actively compromised 
system. 

If the hacker scantly uses resources, and is elite, often it's the
best thing for a noob, because they keep the systems in pristine
condition....

building a gentoo based firewall, that runs off of a  non rewritable
media (CD and such) is definitely a good idea, if you want to 
control your resource utilization....

ymmv,
hth,

James

-- 
gentoo-user@gentoo.org mailing list

^ permalink raw reply	[relevance 99%]

Results 1-1 of 1 | reverse | options above

-- pct% links below jump to the message on this page, permalinks otherwise --
2007-08-06 11:50     [gentoo-user] Excessive processor usage sean
2007-08-06 12:03     ` Abraham Marín Pérez
2007-08-06 12:30       ` Xav'
2007-08-06 14:29         ` Hans-Werner Hilse
2007-08-06 17:36 99%       ` [gentoo-user] " James
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox