Comment by transpute

14 days ago

> The rootkit now disables SELinux enforcing mode on-demand when the ICMP reverse shell is triggered, leaving zero audit logs.

Is this independent of the Linux Security Modules policy, e.g. the RHEL default policy for SELinux?