[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[port139ml:03771] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B

To: port139ml@xxxxxxxxxxxxx
Subject: [port139ml:03771] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B
From: Kensuke Nezu <nez@xxxxxxxxxxx>
Date: Mon, 28 Jul 2003 10:34:21 +0900

$B:,DE$G$9!#(B
(B
(BHideaki Ihara wrote:
(B> $BIT@5K\$GA[Dj$7$F$k$N$O(B chkrootkit $BMxMQ$9$k%3%^%s%I72$K$D$$$F$O(B
(B> $B0BA4$K$7$^$7$g$&!*$H$$$&$3$H$J$s$G$9$,!"(Bwww.chkrootkit.org $B$K(B
(B> $B5-=R$5$l$F$$$k2<5-$r8+$k$H!"(Bbusybox $B$G$O%3%^%s%I$,B-$j$J$$$h$&(B
(B> $B$K8+$($^$9!#!J$C$F<+J,$GB-$;$P$$$$$N$+$J!)!K(B
(B> 
(B>  4. Which commands does chkrootkit use?
(B>     The following commands are used by the chkrootkit script:
(B> 
(B>     awk, cut, echo, egrep, find, head, id, ls, netstat, ps, strings,
(B>     sed, uname
(B
(Bbusybox$B$GB-$j$J$$%3%^%s%I$O%9%?%F%#%C%/%j%s%/!&!&!&$H$$$&$3$H$G$O$$$+$,!)(B
(B
(B> $B$"$H!"IT@5%"%/%;%9D4::$H$$$&$+(B Incident Response $B$N>l9g$K$O!"(B
(B> $B?/32$N2DG=@-$,$"$k%7%9%F%`>e$N%P%$%J%j$O!H4m81$+$b!I$H$$$&$3(B
(B> $B$H$GDL>o;H$$$^$;$s$N$G!"2>$K%7%9%F%`>e$K$"$k(B ps $B$J$I$,@EE*%j(B
(B> $B%s%/$5$l$F$$$F$b;H$($^$;$s$h$M(B...
(B> # $B3'$5$s$N$*OC$+$i$9$k$H1?MQLL$G$OJXMx$J$s$@$H;W$$$^$9$,!#(B
(B
(BCD-ROM$B$J$I$K>F$$$F$*$/>l9g$J$I$b%9%?%F%#%C%/%j%s%/$K$7$F$*$+$J$$$H!"(B
$B%P%$%J%j$G$O$J$/$F!"%i%$%V%i%j$b!I4m81$+$b!I$J$N$G!"F0$$$?$^$^(BIR$B$9$k(B
$B>l9g$G$b%9%?%F%#%C%/%j%s%/$OM-8z$J$N$G$O$J$$$+$H;W$$$^$9$,!&!&!&!#(B
(B
(B-- 
(B------
$B:,DE(B $B8&2p(B $BF|K\(BSamba$B%f!<%62q(B / $B%;%-%e%j%F%#!&%9%?%8%"%`http://www.samba.gr.jp
$B%;%-%e%j%F%#%9%?%8%"%`(B : http://www.security-stadium.org
$B%*!<%W%s%=!<%9%;%_%J!<(B : http://www.famm.jp
(B $B"(!V(B802.11$B%;%-%e%j%F%#!W(B<$BH/GdCf(B>
(B   http://www.oreilly.co.jp/BOOK/80211security/
(B   802.11$B%;%-%e%j%F%#%5%]!<%H%5%$%H(B
(B   http://www.famm.jp/wireless
(B $B"(F|7P%M%C%H%o!<%/%;%-%e%j%F%#!AL5@~(BLAN$B%Q%K%C%/!A9%I>H/GdCf(B
(B   http://nwi.nikkeibp.co.jp/nwi/book/lan.html

References:
- [port139ml:03756] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B
  - From: DANNA
- [port139ml:03757] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B
  - From: TAKAHASHI Motonobu
- [port139ml:03764] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B
  - From: Hideaki Ihara

Prev by Date: [port139ml:03770] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B
Next by Date: [port139ml:03772] Re: $B$^$:$O!!(BSID $B$+$i(B$B!J(BRe: 7/19 $B$a$b(B
Previous by thread: [port139ml:03764] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B
Next by thread: [port139ml:03773] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B
Index(es):
- Date
- Thread

[port139ml:03771] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B

[port139ml:03771] Re: $BK?=q@R$X(B$B$NFM$C9~$_(B