[Techtalk] Re: User-Mode Linux v. BSD jail
Raven Alder
raven at oneeyedcrow.net
Mon Mar 10 13:00:49 EST 2003
Heya --
Quoth jennyw (Fri, Mar 07, 2003 at 10:51:02AM -0800):
Re: LIDS
> Out of curiosity, is there a way to set it up to allow everything but
> to log everything? That might be a way to find out what's running on
> your system before you try to block things.
There might be, but if so I don't know what it is. The default
ruleset is pretty restrictive, so you would have to change those rules
one by one to countermand the "don't allow this, don't allow that".
> > [even more sheepish grin] The really bad part about that was that it
> > horked the driver for my network card, so even under the good kernel I
> > couldn't get online at first to try and google for help.
>
> That's why I keep a Knoppix CD with me all the time! I sometimes do
> things like that, too. ;-)
Heh. Everyone does, I think. Yeah, I have a Tom's rootboot
disk for the same purpose, though I've been meaning to get a Knoppix CD
to play with that also.
> With UML, LIDS, etc. -- they all isolate the damage a hacker can do, but
> they don't necessarily prevent the break-in or provide you info on the
> break-in.
Right, at least as far as LIDS goes.
Cheers,
Raven
"These shoulders hold up so much,
They won't budge, I'll never fall or fold up,
I'm a soldier."
-- Eminem