[NCLUG] openssh

[Aaron D. Johnson]

> one thing that has been very anoying is the root kits that change
> the filesystem permissions to prevent renaming/removal of the trojan
> binaries ... any clue on how to undo that besides wiping the
> filesystem and restoring it?

See chattr(1).  It's a useful-or-annoying-depending-on-what-you-want-
it-for non-standard addition implemented on ext2fs (and ext3 also, I'm
sure) on Linux.  The ext2 debugfs might be able to toggle it, also...

- Aaron