IDS mailing list archives

Re: backdoor detection

From: Mattias Hedenskog <tsixla () antisec net>
Date: Sun, 29 Dec 2002 17:00:01 +0100

Hi lucy..

like you said, a good applicated backdoor is hard to detect. To prevent 
backdoors and such i'd look into Tripwire 
(sourceforge.net/projects/tripwire/) which checks your system integrity, 
veifying your data, comparing checksums. It's just failproof though. Another 
program worth looking at is chkrootkit (www.chkrootkit.org). It's practicly 
runs strings in an extensive matter, and checks for hidden backdoors in vital 
files, such as /bin/login etc. there a few more around just look it up on 
internet.

//
Mattias Hedenskog

Hi all,
    It's known backdoor is difficult to detection.
Who can give some methods availble to detect backdoor?


thanks!
lucy

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


-- 
irc:tsixla@efnet,irscnet
mail:tsixla () antisec net 
http://tsixla.antisec.net

Current thread:

backdoor detection lee lucy (Dec 27)
- Re: backdoor detection Mattias Hedenskog (Dec 29)
- <Possible follow-ups>
- Re: backdoor detection Ramesh Gupta (Dec 29)
  - Re: backdoor detection Jose Nazario (Dec 30)