Re: [TCLUG:12706] VENIX

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:12706] VENIX
From: Dan Debertin <danield@bitstream.net>
Date: Fri, 21 Jan 2000 16:58:25 -0600 (CST)
In-Reply-To: <Pine.LNX.3.95.1000121163107.27538G-100000@newton.pconline.com>

On Fri, 21 Jan 2000, Christopher Palmer wrote:

> On Fri, 21 Jan 2000, Dan Debertin wrote:
> 
> > You're debugging a binary? Pray that this VENIX has truss/strace, and
> > bring source code for a good hex editor while you're at it....these tools
> > are the binary hacker's swiss army knife.
> 
> You speak as if from experience...? I might have to be real impressed, and
> then come over and bug you for fun stories. :)

Yup. Every time tripwire reports that something weird like 'du' or 'ls'
has changed on a system, I pull out truss, strings and hexedit and have at
it. Sometimes it turns out to be benign .... other times it's something
like 'ooh look, what might open("/etc/shadow", O_RDONLY) be doing in the
'ls' program??'

but seriously folks, if I could actually _program_ in a hex editor, I'd be
making a lot more than I am now.....
0x0A731D8F is the address of a pointer to my lack of machine-coding skills
.... ;)

~Dan D.

____________________________________________________________________ -- I
know you think you thought you knew what you thought I said, -- but I'm
not sure you understood what you thought I meant.

++  Dan Debertin
++  Systems Administrator
++  Bitstream Underground, Inc.
++  danield@bitstream.net
++  (612)321-9290

Follow-Ups:
- Re: [TCLUG:12706] VENIX
  - From: Christopher Palmer <reid@pconline.com>

References:
- Re: [TCLUG:12706] VENIX
  - From: Christopher Palmer <reid@pconline.com>

Prev by Date: Re: [TCLUG:12706] VENIX
Next by Date: Re: [TCLUG:12721] Re: [OT] 4-channel MP3/CD-audio?
Prev by thread: Re: [TCLUG:12706] VENIX
Next by thread: Re: [TCLUG:12706] VENIX
Index(es):
- Date
- Thread