From owner-freebsd-hackers@FreeBSD.ORG Fri Sep 24 15:49:58 2004 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DAEB316A4DC; Fri, 24 Sep 2004 15:49:58 +0000 (GMT) Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 92D6743D31; Fri, 24 Sep 2004 15:49:58 +0000 (GMT) (envelope-from David.Bear@asu.edu) Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769) id <0I4J00901YG8YI@asu.edu>; Fri, 24 Sep 2004 08:45:44 -0700 (MST) Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107]) <0I4J0092IYG8SO@asu.edu>; Fri, 24 Sep 2004 08:45:44 -0700 (MST) Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200]) (8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped) with ESMTP id i8OFjg71010854; Fri, 24 Sep 2004 08:45:42 -0700 (MST) Received: by moroni.pp.asu.edu (Postfix, from userid 500) id E2878E04; Fri, 24 Sep 2004 08:45:40 -0700 (MST) Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72]) by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped) with ESMTP id f889kMX20194 for ; Sat, 08 Sep 2001 02:46:22 -0700 (MST) Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.0-24 #47346) david.bear@asu.edu) ; Sat, 08 Sep 2001 02:46:22 -0700 (MST) Received: from mx2.freebsd.org (mx2.freebsd.org [216.136.204.119]) by asu.edu (PMDF V6.0-24 #47346) with ESMTP id <0GJC00IKW8H92N@asu.edu> for iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Sat, 08 Sep 2001 02:46:22 -0700 (MST) Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id AB29055ACB; Sat, 08 Sep 2001 02:46:11 -0700 Received: by hub.freebsd.org (Postfix, from userid 538) id C3E0537B40F; Sat, 08 Sep 2001 02:45:59 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with SMTP id 38B822E8152; Sat, 08 Sep 2001 02:45:58 -0700 (PDT) Received: by hub.freebsd.org (bulk_mailer v1.12); Sat, 08 Sep 2001 02:45:58 -0700 Received: from ringworld.nanolink.com (sentinel.office1.bg [217.75.135.254]) by hub.freebsd.org (Postfix) with SMTP id 6568837B401 for ; Sat, 08 Sep 2001 02:45:52 -0700 (PDT) Received: (qmail 9160 invoked by uid 1000); Sat, 08 Sep 2001 09:45:28 +0000 From: Peter Pentchev In-reply-to: <"from deepak"@ai.net> Sender: owner-freebsd-security@FreeBSD.ORG To: dwbear75@gmail.com Message-id: <20010908124528.D2176@ringworld.oblivion.bg> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-disposition: inline Precedence: bulk X-Loop: FreeBSD.org Delivered-to: freebsd-security@freebsd.org Old-To: Deepak Jain User-Agent: Mutt/1.2.5i References: X-Keywords: X-Status: cc: freebsd-security@FreeBSD.ORG cc: "freebsd-hackers@FreeBSD. ORG" Subject: Re: Kernel-loadable Root Kits X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Fri, 24 Sep 2004 15:49:59 -0000 X-Original-Date: Sat, 08 Sep 2001 12:45:28 +0300 X-List-Received-Date: Fri, 24 Sep 2004 15:49:59 -0000 On Sat, Sep 08, 2001 at 05:43:41AM -0400, Deepak Jain wrote: > > Short question: > > Is there a way to prevent the kernel from allowing loadable modules? Run your system in securelevel 1 or higher. See the init(8) manual page and the kern_securelevel_enable and kern_securelevel variables in the rc.conf(5) manual page. G'luck, Peter -- .siht ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message