Re: rootkit?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: rootkit?
From: Res <res@xxxxxxxxxx>
Date: Sun, 11 Dec 2005 19:17:44 +1000 (EST)
In-reply-to: <1134279866.3320.64.camel@xxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <200512110031.03504.gene.heskett@xxxxxxxxxxx> <1134279866.3320.64.camel@xxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On Sun, 11 Dec 2005, Scot L. Harris wrote:


Did you try rkhunter?  Would be interesting to know if it could see it.


likewise

Once a system has been rooted the only action to take is to rebuild the
system from scratch, format the drives and install clean.  Be very

only true is not very expericed, as one who is responsible for largedatacenters, after 10 years of it you get pretty good a forensic disection:)


rule No. 1 - tell em to go get nicked if they want front page

rule No. 2 - scan for and ban phpnuke - they sure as F@#$ named it soaptly ;)


luckily most the brain dead script kiddies out there all use much the same

sort of code so resolution is pretty painless. but prevention is alwaysbetter than the 1am wake up call



--
Cheers
Res

References:
- rootkit?
  - From: Gene Heskett
- Re: rootkit?
  - From: Scot L. Harris

Prev by Date: Re: Security hole
Next by Date: Re: Moving a LVM to a new drive
Previous by thread: Re: rootkit?
Next by thread: Re: rootkit?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux