Language Selection

English French German Italian Portuguese Spanish

Do you need to worry about the new /dev/mem rootkit problem?

Filed under
Security

A new paper was presented in late March about using /dev/mem to inject and hide a rootkit (PDF), and the method has been getting some press, leading to a little concern. The first thing that you should understand is that this class of attack has been used before. We know how to protect against it.

If you read the paper, you'll find out two things:

1. We need a way to write to /dev/mem as a regular user, and
2. There's a kernel config which protects against this mechanism.

rest here




More in Tux Machines

Voyager 9 Linux Distro Enters Development, Now Based on Debian 9 "Stretch"

The developers of the Voyager Linux OS announced the availability of the first Beta build of the upcoming Voyager 9 release, which will be based on the soon-to-be-announced Debian GNU/Linux 9 "Stretch" operating system. Read more

Black Lab Linux Gets First Weekly ISOs, Adds Linux Kernel 4.8 from Ubuntu 16.10

Earlier this week, we told you that Black Lab Software, the developers of the Ubuntu-based Black Lab Linux distribution, published the roadmap of the next Black Lab Linux releases. Read more

Games for GNU/Linux

Linux 4.9.13

I'm announcing the release of the 4.9.13 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... Read more Also: Linux 4.4.52 Linux 4.10.1