pam_shield is a PAM module that uses null-routing or iptables to lock out script kiddies that probe your computer for open logins or easy guessable passwords. pam_shield is meant as an aid to protect public computers on the Internet.
30593cbebd37bd26ba4c311caa7743df1fe19e4900f64d0cfe1380424f07d719pam_shield is a PAM module that uses null-routing or iptables to lock out script kiddies that probe your computer for open logins or easy guessable passwords. pam_shield is meant as an aid to protect public computers on the Internet.
c95daf9320832ac6105404ee8aeb842a90a9329e42bf719ab846810368290969sptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
6930bc9c9ee364d44e11ca82990ed89fcb6f0fbb39d10cfb065b9a069d1253d2This is a kernel module for Linux 2.6 to replace vmsplice() function with another that does nothing. The purpose of the module is to evade the attacks to the system call logging to kernel messages the usage attempts of vmsplice() with the arguments.
1126405085dd9c722f1b66ad864cd6e43f1a2622480e44610d778cb191a047d7sptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
5b12b0751d6b446ffc9e5227b0c97bbcef5ba151fe0717c374a2e204b1422aa5UidBind is a simple LSM module that restricts calls to the bind() function to the UID/GID defined in a configfs tree.
e5d287f1aa4ef3760b2c7204dc3a3a5bcc53b538f48c31e8062ab09a988b8ae5DigSig kernel load module checks the signature of a binary before running it. It inserts digital signatures inside the ELF binary and verifies this signature before loading the binary. It is based on the Linux Security Module hooks (standard in main stream Linux kernel 2.5.66 and higher). Therefore, it improves the security of the system by avoiding a wide range of malicious binaries like viruses, worms, Trojan programs, and backdoors from running on the system.
71a9882698f37ed54e72a04fb21ecad41b68f381a335ddc601301d49c752b135Kernel module using portknocking to get sshd spawned after challenging a list of specified daemons. Designed for 2.4 kernels.
2303c404a77a1d6f3f56d085ebc66a8d7c5ec6c8da1d01103b154df38163e80csptrace is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
925d39bcb5258c0d96f619078df465b16b74d54e5578f6050b89569e1a9e3f5fLinux kernel module that will filter writes for the 2.4 kernel series.
0ecb743a9551bc4043cfabca5eea5394543c2ad4e7287889998590e34e3126a6Linux kernel module that will fake uname output for the 2.4 kernel series.
d20de33de4d5fa22a3db75f01fb41451871e54126d92a933a2f391636e6d7d5ayinyang is a kernel module used to detect a file opening and passes that information to a daemon for action such as logging file transactions, anti-virus checking, and other file activities. Ideal for real-time on-access file scanning.
d203f08bf9f7f8d70175d2752601233678644c81319fd93f6eb776353c2f91d4This linux kernel module acts like an icmp proxy for echo/echo-reply packets at kernel level, preventing icmp tunnels through firewalls or directly to the server it is installed on.
9fad32f633cbf5845c1c9aa19434551345fd747ac16e91b836ef8dfa81ef6435Sexy-SOCKET v0.1 is a Linux LKM which restricts creation of AF_INET sockets to the root account only. Works on kernels v2.2.x and 2.4.x.
a3c145dd51bd805728f98d8a91e71034354796aadf906e473ed5780486e2c771Remote administration kernel module designed for the 2.4 series. It replaces system calls by inserting a push ret at the beginning of system_call, making the program jump to specified code. It provides a remote terminal backdoor through SYS_read hooking which means you can enter the box through any open tcp port. The connection is XOR encrypted and the module hides ports and pids. It also hides itself from vmalloc structure scanning and lsmod. Tested on Redhat 7.2 and 8.0. Currently lacks SMP support and is not considered stable so please exercise caution when utilizing this.
6b9d7bae3d68b1249acacb7222865ed7c41cc99ea8d9bdfa1e45104e265d2741lkminject is a script that builds a binary which will allow you to inject a module inside of a kernel module.
20a13dd3a35002ac4722687a293c51b5fe9af4d0bed3092f3e47e75c4ddcc65efuckptrace is a Linux kernel module used for bypassing anti-ptrace protection used against the reverse engineering process.
4ae4703493e86a63a0d13935e9e14568b86026565924f9ba7e6b114fcc7646eenfbypass is a Linux kernel module for the 2.4.x series which, when inserted, will bypass netfilter rules.
c92278ac9f69f9e3fce669b4bdaf7609692c9cd2074111ab285fc98a64dc7c63Hmod v0.2 is a linux module which hides and shows other modules.
5b08628ff7b72d610c04a0ae1c489b7bb653d22926fe55c2d21cc2c6d2a608b7Stealth.c is a Linux 2.2.x kernel module which discards packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags.
617372d951b886ece66db028d0d134637d1a62f13ff55eb4e94be19b042ea7a4This Linux LKM allows you to hide tasks to KSTAT, a tool used to find attackers in your system by a direct analysis of the kernel through /dev/kmem. StMichael_LKM 0.10 (default installation) will not detect this. Tested on Linux 2.4.x kernels.
dc49efaef89afbc43c5d83140237d54e06f4f046160e60f98d081ee41e55de3ekrnsniff.c v0.1a - A kernel based sniffer module tested on linux-2.2.5 kernel. Nearly undetectable if a module hider is loaded.
18adb3e3c161671b9451fb3207ef6e8e30b362da78a994aad81922f1208f11ceModule to hide processes and files.
1dacfe7599201c72d4a5e36edbdc7611d0047682d8b6c3f2b694862f4e8fb406Generic module hidder, for linux 2.2.x kernels. Hides the last module installed.
6a208911f56caefd20bec7fdb917d6c6e42897a877c76fb78c4b54558227d418
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed