Hi, On Wed, 17 Oct 2007 12:19:07 -0500 Dan Farrell <[EMAIL PROTECTED]> wrote:
> FYI, although this is somewhat popular and seen as a performance > enhancement to many, ...I don't think dynamic linking has *that* big overhead. I think most people do this in order to secure the kernel/userland border. But nowadays, good rootkits are not dependent on module loading facilities but rather put direct hooks on memory addresses they can detect reliably. -hwh -- [EMAIL PROTECTED] mailing list