DFN-CERT warning about Linux Root Kits

[Dennis Tracz <dntracz () UCALGARY CA>]

Hello All,

Just wanted to draw your attention to this, As you may know the CERT for 
Germany`s National Research and Education Network (DFN – Deutsches 
Forschungsnetz)
is warning about root kit attacks on Linux servers, This root kit hides 
directories and processes from the administrator. The attack is most 
likely carried out by stolen SSH keys.

All Linux based workstations, should be examined for the rootkit 
(located in a hidden directory "/etc/khubd.p2/") used to collect 
information.

--
Dennis N. Tracz CISSP-ISSMP,CISM,CGEIT
Information Security Officer
University of Calgary
(403) 220-4010

Attachment: dntracz.vcf
Description: