Azimout's Linux weblog


leave a comment »

A presentation at the recent Black Hat Europe ’09 conference (in Amsterdam, NL) describes how to install a linux kernel rootkit by exploiting the /dev/mem interface.

The author admits that the STRICT_DEVMEM configuration option would mitigate this threat. Running grep STRICT_DEVMEM /boot/config-2.6.28-11-generic on my Jaunty kernel’s configuration file tells me I have this option enabled:


I don’t know what’s the situation on older releases, or on different distros.


Written by azimout

28/04/2009 at 00:24

Posted in News

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: