pam_shield is a PAM module that uses null-routing or iptables to lock out script kiddies that probe your computer for open logins or easy guessable passwords. pam_shield is meant as an aid to protect public computers on the Internet.
cbfcd96fad38943ed78fd4d37307aba2pam_shield is a PAM module that uses null-routing or iptables to lock out script kiddies that probe your computer for open logins or easy guessable passwords. pam_shield is meant as an aid to protect public computers on the Internet.
383b0a10e41b68961c006191839ab92csptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
9a23198cbdcd256b11e2b0dc2c03b331This is a kernel module for Linux 2.6 to replace vmsplice() function with another that does nothing. The purpose of the module is to evade the attacks to the system call logging to kernel messages the usage attempts of vmsplice() with the arguments.
8b52e9351c6750b2477b8a046d192badsptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
d0b58eced8f60e696c39dfaf4b306771UidBind is a simple LSM module that restricts calls to the bind() function to the UID/GID defined in a configfs tree.
3ae33ce83ffb6cef9cc02a5a37521013DigSig kernel load module checks the signature of a binary before running it. It inserts digital signatures inside the ELF binary and verifies this signature before loading the binary. It is based on the Linux Security Module hooks (standard in main stream Linux kernel 2.5.66 and higher). Therefore, it improves the security of the system by avoiding a wide range of malicious binaries like viruses, worms, Trojan programs, and backdoors from running on the system.
7636bc6cfe7bf8593a2323034d55f38aKernel module using portknocking to get sshd spawned after challenging a list of specified daemons. Designed for 2.4 kernels.
e8452737adc66598a3449b1ce136b2a5sptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
ebeee9d53439749608b6a4c975f441cdLinux kernel module that will filter writes for the 2.4 kernel series.
01d43a8e9e10c34d11937410babbd99eLinux kernel module that will fake uname output for the 2.4 kernel series.
34d42e3dbbc7c7204ebb1aab736eafafyinyang is a kernel module used to detect a file opening and passes that information to a daemon for action such as logging file transactions, anti-virus checking, and other file activities. Ideal for real-time on-access file scanning.
7a9c3a73819455d9f88a758d2f056231This linux kernel module acts like an icmp proxy for echo/echo-reply packets at kernel level, preventing icmp tunnels through firewalls or directly to the server it is installed on.
e1737913c946cc6774e1c435dd5715ffSexy-SOCKET v0.1 is a Linux LKM which restricts creation of AF_INET sockets to the root account only. Works on kernels v2.2.x and 2.4.x.
2b734c7c8f206fa99ac2281d200c7877Remote administration kernel module designed for the 2.4 series. It replaces system calls by inserting a push ret at the beginning of system_call, making the program jump to specified code. It provides a remote terminal backdoor through SYS_read hooking which means you can enter the box through any open tcp port. The connection is XOR encrypted and the module hides ports and pids. It also hides itself from vmalloc structure scanning and lsmod. Tested on Redhat 7.2 and 8.0. Currently lacks SMP support and is not considered stable so please exercise caution when utilizing this.
3f5cdb6e7dba958b3e9f438acf055153lkminject is a script that builds a binary which will allow you to inject a module inside of a kernel module.
8fce26fe6241564166adb32b791c9b9afuckptrace is a Linux kernel module used for bypassing anti-ptrace protection used against the reverse engineering process.
4b70735c212f379e57d284e2d6879972nfbypass is a Linux kernel module for the 2.4.x series which, when inserted, will bypass netfilter rules.
76fd7452b1e192965030bbe740138deeHmod v0.2 is a linux module which hides and shows other modules.
0eb12a0ca5a3471f7df5fe99c09e9848Stealth.c is a Linux 2.2.x kernel module which discards packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags.
319dbc150eb9c78008bb754a8de815e0This Linux LKM allows you to hide tasks to KSTAT, a tool used to find attackers in your system by a direct analysis of the kernel through /dev/kmem. StMichael_LKM 0.10 (default installation) will not detect this. Tested on Linux 2.4.x kernels.
3319e2c1f084a77464c76acd3c6d14c1krnsniff.c v0.1a - A kernel based sniffer module tested on linux-2.2.5 kernel. Nearly undetectable if a module hider is loaded.
b5b18fe31c1acf25a9d3912e60ac1d73Module to hide processes and files.
398bfa197363d818b656958448d70ee0Generic module hidder, for linux 2.2.x kernels. Hides the last module installed.
2c1c4c37a74d4b5976a8b3f5b991837aModule to retrieve privilege to processes.
4c6de5c0514d6b0271b211e98f536506
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed