[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security

To: full-disclosure@lists.netsys.com
Subject: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
From: Sven Hoexter <sven@timegate.de>
Date: Fri, 24 Oct 2003 16:12:43 +0200

On Fri, Oct 24, 2003 at 06:09:12AM -0700, dwr3ck@hushmail.com wrote:

> I can determine when a Windows box has been owned fairly easily.
Can you? Really? Hm maybe I should use windows.
 
> How do you determine if you have a KLM on your Linux box?  (serious question
> from someone who does not know)  I'm asking specifically about Red Hat
> because I am a Corporate America slave and IBM has made this the distribution
> that most of corp America will use.
Best way are integrity checks with tripwire, aide, afick [1] or other relatet
tools.
Other way around if don't have a database with the checksumms from the clean
system you can use chkrootkit [2]


Sven

[1] http://afick.sf.net
[2] http://www.chkrootkit.org/

-- 
          Das Weihnachtskonzert
               COMBO GUANO
23.12.2003, Saal Norhausen Lev. Rheindorf
        http://www.comboguano.de

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
  - From: Shawn McMahon <smcmahon@eiv.com>

References:
- RE: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
  - From: <dwr3ck@hushmail.com>

Prev by Date: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
Next by Date: RE: [Full-Disclosure] ProFTPD-1.2.9rc2 remote root exploit
Previous by thread: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
Next by thread: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
Index(es):
- Date
- Thread