>
> Another idea to help with your forensics would be to bring a netstat and
> lsof binary over to your machine and run them to see which actors are
> running and trying to get out. That could help you detect what is running
> on that machine and google your way from there.
If your kernel
On Tue, 10 Aug 2010 01:10:37 -0500, Paul Hartman wrote:
> Second, the problem of chkrootkit telling me "find" and "netstat" were
> INFECTED, in big scary upper-case letters. The files appear to be
> genuine,
chkrootkit hasn't been updated in over a year, a bit scary for a malware
scanner.
> I th
On Monday 09 August 2010 19:59:11 7v5w7go9ub0o wrote:
> On 08/09/10 12:25, Paul Hartman wrote:
> []
>
> > If anyone has advice on what I should look at forensically to
> > determine the cause of this, it is appreciated. I'll first dig into
> > the logs, bash history etc. and really hope that this
On Mon, Aug 9, 2010 at 1:59 PM, 7v5w7go9ub0o <7v5w7go9u...@gmail.com> wrote:
> On 08/09/10 12:25, Paul Hartman wrote:
> []
>> If anyone has advice on what I should look at forensically to
>> determine the cause of this, it is appreciated. I'll first dig into
>> the logs, bash history etc. and reall