Alejandro Imass <ait <at> p2ee.org> writes: > ... > > What you should do right now is to get some recent general or security > > cd/dvd > > with chkrootkit and rkhunter and run them from that external read-only > > media. > > I would also suggest that you look over config files of all packages > > involved. > > jb > > > > Thanks! Will do, but I don't know of any FreeBSD and/or derived > distros for security. Or can I use any Linux security distro? I > remember reading about some trouble of Linux chkrootkit on FBSD....
It looks like you have only one choice with prebuilt rkhunter package only: http://www.freebsd.org/releases/9.0R/announce.html dvd1 This contains everything necessary to install the base FreeBSD operating system, a collection of pre-built packages aimed at getting a graphical workstation up and running. It also supports booting into a "livefs" based rescue mode. This should be all you need if you can burn and use DVD-sized media. ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/security/ rkhunter-1.3.8_1.tbz 04/18/12 18:56:00 With regard to verification of config files - you said you got backups (those pre-incident would be best) and you have the incident-time files, so do a diff on dirs (in particular /etc and /usr/local/etc) jb _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
