On Fri, 5 Oct 2007, Raj Kiran Grandhi wrote:
Hi,
There is an article on slashdot,
http://it.slashdot.org/article.pl?sid=07/10/05/1234217&from=rss which says
that most of the phishing sites are being run from rootkitted linux boxes. I
dunno how accurate their analysis is (the results were not released), however
I wonder if there is any way to establish whether a given machine is
compromised or not.
Are there any tools available that one can run on a regular basis? What
measures can we take to ensure that we are somehow alerted if our system gets
compromised?
Regards,
Raj Kiran
2 good tools to install are rkhunter and aide. rkhunter does a good job
of finding root kits and alerting you of anything it find suspicious, in
my tests I have done. Aide, is file integrity checker and will notify you
of any changes made to the filesystem, such as added files, modified
files, deleted files and what not.
Its always a good idea to install these from the beginning as it gets more
difficult over time to determine what has been changed or added.
hth
jeff
-+-
8 out of 10 Owners who Expressed a Preference said Their Cats Preferred Techno.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
