> Message: 3 > Date: Sun, 24 Jul 2005 04:30:10 -0400 > From: Binand Sethumadhavan <[EMAIL PROTECTED]>
> On 24/07/05, Raj Mathur <[EMAIL PROTECTED]> wrote: > > 2. Keep /tmp in a separate partition and set the noexec flag on it. > > Most (all?) Linux rootkits install through creating a file in /tmp, > > compiling it and running it from there itself. noexec /tmp and they > > go away looking foolish muttering ``Curses! Foiled again!'' under > > their breath. > > There is usually a /var/tmp (and sometimes a /usr/tmp) with same > permissions as /tmp. A configurable rootkit will try /var/tmp if it is > unsuccessful in using /tmp :) Create a separate disk partition and mount it on /var/tmp with noexec flag and same permissions as /tmp. -- Arun Khan <[EMAIL PROTECTED]> Linux is a wigwam: No Windows, No Gates, Apache inside. ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ linux-india-help mailing list linux-india-help@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-india-help
