Great Circle Associates Firewalls
(October 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Sniffer detection.
From: "vojin urosevic" <vojin @ vsonic . fi>
Date: Thu, 17 Oct 1996 21:02:36 +0200
To: "Jeff Thompson" <jwthomp @ cu-online . com>, <Kyle_Amon @ jabil . com>
Cc: <firewalls @ GreatCircle . COM>, "Esakov Dmitriy" <esakov @ relcom . eu . net> 
> Actually, you should maintain a "trusted" copy of ifconfig and other
> system utilities for that matter off line.  When you want to check you
> copy them to the system and then check.  ifconfig is often one of the
> first binaries to be patched. Statically linked binaries or also
				       ^^^^^^^^^^^^^^^^^^^^^^	
Would anyone care to elaborate?

> preferable as it is also possible that your libraries have been patched.

regards

vojin
Follow-Ups:
Indexed By Date Previous: Re: The great source code debate (WAS: Re: Checkpoint)
From: "Tracy R. Reed" <treed @ straylight . connectnet . com>
Next: Re: The great source code debate (WAS: Re: Checkpoint)
From: Todd Graham Lewis <lists @ reflections . mindspring . com>
Indexed By Thread Previous: Re: FW: RE: Sniffer detection.
From: Ryan Russell/SYBASE <Ryan . Russell @ sybase . com>
Next: Re: Sniffer detection.
From: Michael Dillon <michael @ memra . com>
Google
 
Search Internet Search www.greatcircle.com