Security Basics mailing list archives
Re: Solaris 10 - Rootkit detection
From: Brad Edmondson <brad.edmondson () gmail com>
Date: Tue, 4 Aug 2009 19:30:55 -0400
You can boot from known-good media (CD), create hashes of your suspicious binaries, and reference the hashes against sites that collect malware: https://www.virustotal.com/buscaHash.html http://www.offensivecomputing.net/ (registration required for search) http://www.malwarehash.com/ http://www.team-cymru.org/Services/MHR/ (if you are up for scripting up a query engine/processor for your hashes). You may also need to run a filesystem analysis tool to be sure you're not missing any hidden files, but that's a more difficult topic and one with which I have less experience. Regards, Brad On Sun, Aug 2, 2009 at 9:59 AM, <arpitchaudhary1986 () gmail com> wrote:
Hi, I am working on Rootkit Detection on Solaris 10 OS on Spaarc. I am using two tools for the same - rkhunter and chkrootkit. The output of the tools say that there is no rootkit. However, my system binaries are behaving suspiciously and I doubt that rootkits might be present. Please suggest me with some good tool(free or minimally paid) for detecting Rootkits on Solaris 10. Alternatively, if you know of other good approach towards the same, I would be glad to hear that. Thanks, Arpit ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Solaris 10 - Rootkit detection arpitchaudhary1986 (Aug 04)
- Re: Solaris 10 - Rootkit detection J. Oquendo (Aug 05)
- Re: Solaris 10 - Rootkit detection arpunk (Aug 05)
- Re: Solaris 10 - Rootkit detection Brad Edmondson (Aug 05)
- Re: Solaris 10 - Rootkit detection Tim Pretlove (Aug 05)