Posted by: Anonymous Coward
on October 17, 2005 10:03 PM
If a trojan could replace lsof, why couldn't it modify trojanscan.conf to have the MD5 of the hacked lsof? Or just modify trojanscan? Is the idea that intruders won't expect trojanscan to be there (security through obscurity)?
Learn about Linux
Download Linux
Get Linux help
hash stored in file
Posted by: Anonymous Coward on October 17, 2005 10:03 PM#