[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Mon, 2005-10-03 at 14:41 +0100, William Fidell wrote: > > You might want to have a look at this > http://security.linux.com/security/05/09/15/1655234.shtml?tid=35. It > has some interesting ideas. > Yes, this seems to be a good article. I would add that although it mentions rootkits, it didn't seem to mention actually running a rootkit checker. If someone has gotten into a server via SSH (or indeed by any other method) and installed a rootkit, then discovering that fact would be nice :-) I run both chkrootkit and rkhunter via cron (google will show where the home pages for these are). John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914 E-mail: John.Horne@xxxxxxxxxxxxxx Fax: +44 (0)1752 233839 -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html