Package: wnpp Severity: wishlist Package name : dr-rootkit Version : 0.1 (according to README) Upstream Author : Bas Alberts <[EMAIL PROTECTED]>, Daniel Palacio URL : http://www.immunityinc.com/resources-freesoftware.shtml License : GPL2 (with Linus T. remark like the kernel) Programming Lang: C Description : IA32 Debug Register based rootkit Architecture : i386 (i686)
Will Debian the first Linux distro shipping their own rootkit? DR features a reference implementation of a IA32 debug register based rootkit hooking engine. It does not modify IDT or syscall_table at all but still provides transparent syscall hooking on IA32 Linux 2.6. How to detect the rootkit? As easy as "dpkg -l dr-rootkit". No need for chkrootkit, rkhunter, or unhide. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]