OT: GDB + rootkit question

Botond Kardos Botond.Kardos at essnet.se
Mon Jun 13 14:11:16 UTC 2005


    Hi,
    since I heard that there are some newer rootkits which won't be
detected by chkrootkit, I'd like to check the running kernel's symbol
table against the compiled System.map. Is there a somewhat more detailed
HOW-TO for doing this? The how-to's I've found by Googling usually only
mention that I should compare the tables with GDB. Can somebody tell me
what exactly should be done in GDB? (Because I haven't used it
before.)
    Thanks,
    Botond
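
Added example, not part of the original post: one way to do the comparison the question describes without GDB, by comparing the text of System.map against a dump of /proc/kallsyms. The symbol names, addresses and the module name examplemod are constructed sample data, and the three-column "address type name" layout is assumed for both files.

```python
from collections import Counter

# Constructed sample data, not taken from a real system.
SYSTEM_MAP = """\
c0100000 T _text
c0102a40 T sys_fork
c0150c10 T sys_read
c0150c90 T sys_write
c0166d20 T sys_getdents64
"""
KALLSYMS = """\
c0100000 T _text
c0102a40 T sys_fork
c0150c10 T sys_read
c0150c90 T sys_write
f8a3b060 T sys_getdents64
f8a3b000 t hook_init\t[examplemod]
"""

def parse_symbols(text):
    """Return {name: address} for core-kernel symbols with a unique name."""
    seen, table = Counter(), {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3:      # skip blanks and "[module]" entries
            continue
        addr, _kind, name = fields
        seen[name] += 1
        table[name] = int(addr, 16)
    return {n: a for n, a in table.items() if seen[n] == 1}

def compare(system_map_text, kallsyms_text):
    """Return (slide, mismatches); mismatches maps name -> (expected, running)."""
    expected = parse_symbols(system_map_text)
    running = parse_symbols(kallsyms_text)
    common = [n for n in expected if n in running]
    if common and all(running[n] == 0 for n in common):
        raise PermissionError("addresses are masked; read /proc/kallsyms as root")
    # A kernel that randomises its load address moves every symbol by the
    # same offset, so the most common delta is treated as that offset.
    deltas = Counter(running[n] - expected[n] for n in common)
    slide = deltas.most_common(1)[0][0] if deltas else 0
    mismatches = {n: (expected[n] + slide, running[n])
                  for n in common if running[n] - expected[n] != slide}
    return slide, mismatches

if __name__ == "__main__":
    slide, bad = compare(SYSTEM_MAP, KALLSYMS)
    print(f"load offset: {slide:#x}")
    for name, (want, got) in sorted(bad.items()):
        print(f"{name}: expected {want:#x}, running kernel reports {got:#x}")
```

A mismatch only shows that the running table disagrees with the file; a System.map from a different kernel build produces the same result.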
