[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Mon, 03 Oct 2005 14:58:20 +0100, John Horne wrote:
> On Mon, 2005-10-03 at 14:41 +0100, William Fidell wrote: > >> You might want to have a look at this >> http://security.linux.com/security/05/09/15/1655234.shtml?tid=35. >> It has some interesting ideas. >> > Yes, this seems to be a good article. > > I would add that although it mentions rootkits, it didn't seem to > mention actually running a rootkit checker. If someone has gotten > into a server via SSH (or indeed by any other method) and installed > a rootkit, then discovering that fact would be nice :-) I run both > chkrootkit and rkhunter via cron (google will show where the home > pages for these are). > > > John. Thanks John and all for your comments.
My first attempt will be to look at the iptables which I already use to disable ports that are not in use.
Failing that I will turn off Port 22 and leave it at that.
I will go away and digest all the useful info and comments and let you know how I get on.
Phil. |