Security Basics mailing list archives
Re: tools to run on compromised linux box
From: "Sukbum Hong" <sukbum.hong () cdnetworks co kr>
Date: Wed, 6 Aug 2008 22:20:29 +0900
Hello. How about this? These 3 programs are much widely used to check rootkit. chkrootkit : http://www.chkrootkit.org/ rkhunter : http://www.rootkit.nl/ rootcheck : http://www.ossec.net/en/rootcheck.html Please check your kernel version and if your kernel is the lastest version. Generally speaking, you would be no problem. reference : Linux Kernel "vmsplice()" System Call Vulnerabilities http://secunia.com/advisories/28835/ Thanks.
Can anyone recommend some tools to run on a compromised linux box to determine if there is further infestation? (rootkits, etc).
Current thread:
- tools to run on compromised linux box lister (Aug 06)
- Re: tools to run on compromised linux box Sukbum Hong (Aug 06)
- Re: tools to run on compromised linux box Nikhil Wagholikar (Aug 06)
- RE: tools to run on compromised linux box Murda Mcloud (Aug 06)
- Re: tools to run on compromised linux box Ansgar -59cobalt- Wiechers (Aug 07)
- RE: tools to run on compromised linux box Murda Mcloud (Aug 07)
- RE: tools to run on compromised linux box Murda Mcloud (Aug 06)
- Re: tools to run on compromised linux box Adriel Desautels (Aug 06)
- Re: tools to run on compromised linux box Erin Carroll (Aug 06)
- Re: tools to run on compromised linux box linux.gheek (Aug 06)
- <Possible follow-ups>
- Re: tools to run on compromised linux box jason . gerfen (Aug 06)