On 10/5/07, Raj Kiran Grandhi <[EMAIL PROTECTED]> wrote: > Hi, > > There is an article on slashdot, > http://it.slashdot.org/article.pl?sid=07/10/05/1234217&from=rss which > says that most of the phishing sites are being run from rootkitted linux > boxes. I dunno how accurate their analysis is (the results were not > released), however I wonder if there is any way to establish whether a > given machine is compromised or not. > > Are there any tools available that one can run on a regular basis? What > measures can we take to ensure that we are somehow alerted if our system > gets compromised?
Maybe running tcpdump, and then "read" the capture to see anything that should not be therer -- Guillermo Garron "Linux IS user friendly... It's just selective about who its friends are." http://feeds.feedburner.com/go2linux http://www.go2linux.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
