On Tue, 2004-08-31 at 21:04, Andrew Graupe wrote: > Peter Pankonin wrote: > > >On Tuesday 31 August 2004 06:51 pm, Matthew Kent wrote: > > > > > >>>I don't *think* anyone has broken in yet, but I can't be sure. > >>> > >>> > >
SNIP > >>I've never done it before, but I believe there are some standard kits to > >>check for signs of a rooting. > >> > >> > > > >chkrootkit, http://www.chkrootkit.org/ > > > > > > > I've heard that it is only possible to be really sure if you have a > guaranteed clean copy of the basic UNIX utilities, because skilled > hackers will replace some of the utilities chkrootkit uses with hacked > copies that will cover their actions. Any suggestions on how to do this? > If you have an rpm based distro you can verify the rpms. See this link for details:http://www.linuxjournal.com/article.php?sid=5345 Th rest of the series Thwarting the System Cracker is also highly recommended: http://www.salmar.com/marcel/ljwritings.html ( near the bottom of the page). -- Neil Jolly (with Yoda-like voice) "Confrontation leads to anger... Anger leads to fear... Fear leads to using Windows NT in mission-critical combat systems... And this is how the ancients fell... _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
