[ale] ipv6 dns requests???
David Hamm
ale at spinnerdog.com
Tue Apr 20 08:14:58 EDT 2004
I've heard a popular trick of crackers is to use IPV6. It goes undetected
since most aren't using it. You might try using one of the rootkit tools to
see if the system has been root kited.
Some security experts suggest deleting the IPV6 modules from /lib/modules
directories. You could rename the IPV6 modules and reboot. There is a
chance the system might not come back up but if you've been cracked you
probably want to re-load the system anyway.
http://www.net-security.org/software.php?id=531
http://www.chkrootkit.org/
On Tuesday 20 April 2004 07:54 am, Geoffrey wrote:
> Robert L. Harris wrote:
> > If you do "lsmod" is there anything related to ipv6? If it's compiled
> > in static you may not be able to disable it.
>
> Yeah, I've got:
>
> ipv6 227392 -1 (autoclean)
> key 70456 0 (autoclean) [ipv6]
>
> I tried to remove them, but somethings got them busy. I shutdown all
> network services, still busy. :(
More information about the Ale
mailing list