Amir Alsbih, who found out how to write a rootkit for the 2.6 series of the Linux kernel, now proposes a module, which uses the same method to prevent any other module to load into memory.Last version of hardened-sources has GrSecurity option for this:
in general for servers it is a good idea to disable the function of loading modules in the kernel. this means that you have to compile all in your kernel, but never have the problems of such rootkits.
greets pete -- [email protected] mailing list
