LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 10-30-2003, 10:16 AM   #16
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600

That's beautiful. Like hallmark card beautiful, really.
That left me wondering if "hallmark card beautiful" is a qualitatively better or worse description compared to a "Kodak moment". What's more, it makes me wonder what the counterpart to this all should be. It is not without reason the ancient Greeks (are sposed to have) said, "beauty is not without terror".


what ever happened to Mr. wind? lol
After his incursion at 07:54:00 AM UTC he wandered off the LZ at +600.
He's MIA ever since.


You really should write to Reader's Digest...they have a page for people like you
I'm afraid I haven't got time to write quality articles for your favourite magazine, I'm sorry.
 
Old 10-31-2003, 04:25 AM   #17
porous
Member
 
Registered: Oct 2003
Distribution: redhat 9
Posts: 147

Rep: Reputation: 15
three cheers to unSpawn..

this thread was real fun...
 
Old 11-02-2003, 11:30 AM   #18
Astro
Member
 
Registered: Jan 2003
Location: Ballston Lake, NY
Distribution: Slackware, Debian
Posts: 665

Rep: Reputation: 30
hmmm, what if he/she wanted to take up some security practices and learn how to attack/defend his own boxes? In which case there's nothing wrong with asking where to find a rootkit with the proper explanation. If it's for malicious purposes, then I hope you find what you're looking for and I also hope the feds/whoever find who they are looking for as well when you mess up.
 
Old 11-02-2003, 02:46 PM   #19
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
hmmm, what if he/she wanted to take up some security practices and learn how to attack/defend his own boxes?
Wrt our userbase:
I. See the LQ rules. #9 IIRC.
II. Using LRK's isn't in the newbie and intermediate security "best practices" AFAIK. It's deliberately degrading security and we do not promote that.
III. The stuff isn't impossible to find. If you can't find the info then I'm asserting you don't know zilch about security as well. If you don't know zilch about security then I assert you won't be using LRK's responsibly either.
IV. If you're gonna play with LRK's, do it in a controlled test env. Using it to "test" a live box is irresponsible and has *nothing* to do with security.

Usually it ends by me closing these types of threads and giving the member a chance to convince me by email their req's are legit. This time I tried to DoS the thread :-]
 
Old 11-02-2003, 02:56 PM   #20
Astro
Member
 
Registered: Jan 2003
Location: Ballston Lake, NY
Distribution: Slackware, Debian
Posts: 665

Rep: Reputation: 30
I never gave specifics of where the box was tested or whatever, now you're the one assuming. But I can understand and respect the rules so whatever.
 
Old 05-04-2008, 10:24 AM   #21
NetRAVEN5000
Member
 
Registered: May 2005
Distribution: Ubuntu 9.04
Posts: 320

Rep: Reputation: 30
Sorry for resurrecting, I found this link on a post in another thread that got closed.

I understand the desire - I used to be a recent Windows convert and wannabe hacker too. Two things though:

a) Rootkits aren't illegal, but installing them on someone else's machine is highly illegal. For example, if I want to make a rootkit just for the fun of it, that's fine so long as I only put it on my machine. If you want to do some sort of thing where you let others use a computer you own to check their e-mail and such (like a public computer terminal at your business or something) that's fine - IF you make sure they are told that you are watching what they're doing, otherwise you're looking for a lawsuit.

It's a federal offense to put a rootkit (or keylogger, or any other such malicious software) on someone else's computer without them knowing and approving.

b) It's not easy. In Linux, major vulnerabilities are patched up pretty quick, especially any holes big enough to let you sneak in a whole rootkit. Debian, Red Hat, SuSE, etc. all have solid distribution setups that allow admins to update all software quickly and fairly painlessly - and are set up in such a way that these updates go out to everyone, and real quick too. Since on many setups all software on the system comes from these repositories, that means that all software stays fairly well-patched on most systems. Also, most Linux/UNIX people tend to have more knowledge about and interest in computer security than Windows or Mac users.

So you'll have a tough time finding a computer you can get into unless you've found a server with an admin who got lazy on updates, or you found a glitch in the latest patch of a given software.

If all that didn't turn you off to the idea, know this: programming-wise, it's not easy to make a rootkit. The reason they're so potentially dangerous is that they're sneaky and obtrusive. They mimic the capabilities of other software to go undetected, so they don't break any system software that depended on whatever program they just replaced, and in order to be obtrusive they try to do this to common software that is used by the system and kept running 24/7. They do whatever they need/want to get whatever data they're collecting, but they try to do so in a way that won't be detected by the user or other software.

Making software that can hide itself from both the system and the user is tough - possible but tough. In Linux the tools required to protect yourself from such things are available right from your distro's repos. You can monitor the file system, as well as individual files and directories, for changes; set up a very solid firewall, often with a simple GUI tool; set up antivirus and antirootkit software; monitor network traffic, memory usage, etc. There's virtually every tool you need for rock-solid security, it's just a matter of reading (and understanding) the docs to set them up right.

If you are setting up a rootkit on your own machine, of course, you don't need to worry about that - but usually that's not what people want with a rootkit.
 
Old 05-04-2008, 01:57 PM   #22
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Considering that the OP has been off the LQ radar for the past three years, and that this thread was on the brink of closure almost five years ago, I'm laying this thread to rest.
 
  



All times are GMT -5.
