OT: GDB + rootkit question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: OT: GDB + rootkit question
From: Botond Kardos <Botond.Kardos@xxxxxxxxx>
Date: Mon, 13 Jun 2005 16:11:16 +0200
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
Organization: EssNet Lottery Services Kft.
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

    Hi,
    since I heard that there are some newer rootkits which won't be detected by chkrootkit I'd like to check the running kernels symbol table against the compiled System.map. Is there a somewhat more detailed HOW-TO for doing this? The how-to's I've found by Googling usually only mention that I shall compare the tables with GDB. Can somebody tell me what exactly shall be done in GDB? (Because I haven't used it yet before.)
    Thanks,
    Botond

Prev by Date: torrent of FC4
Next by Date: Re: FC4 Released!!
Previous by thread: torrent of FC4
Next by thread: FC3->FC4: packages added or removed (or moved to extras)
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]