Re: rootkit detection
hi ya roman
as was mentioned... chkrootkit.org...
but what kind of risk are you referring to ??
- that the rootkit detectors miss a newly created rootkit ??
- probably will happen...
there is always risks... knowing what it is and
trying to minimize subsequent risks and protecting data is
more important ???
- ie... firewall by itself is nto good enough...
they [h/cr]ack your firewall or bypass it... and all
machines is usually a sitting duck with ftp/telnet/ppp traffic
- a machine running ipchains instead of apache is not a
"good enough" of a firewall if you don't want any risks
have fun
alvin
http://www.Linux-Sec.net/Tracking/ - rootkit checking stuff
On Sun, 10 Mar 2002, linux-dude@anscheinend.net wrote:
>
>
> hey ppl!
> I just wanted to ask if someone can recommend a rootkit
> detection/removal utility. There are a bunch of them if you
> look around but I don't want to run any risk :-)
> would be kind if someone knew of a serious solution :-)
>
> best regards
> Roman Sommer
Reply to: