Re: rootkit detection

To: linux-dude <linux-dude@anscheinend.net>
Cc: debian-security@lists.debian.org
Subject: Re: rootkit detection
From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>
Date: Sun, 10 Mar 2002 19:30:56 -0800 (PST)
Message-id: <[🔎] Pine.LNX.3.96.1020310192045.5828A-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 170169859394.20020310130747@anscheinend.net>

hi ya roman

as was mentioned... chkrootkit.org...

but what kind of risk are you referring to ??
	- that the rootkit detectors miss a newly created rootkit ??
	- probably will happen...

there is always risks... knowing what it is and 
trying to minimize subsequent risks and protecting data is 
more important ???
	- ie... firewall by itself is nto good enough...
	they [h/cr]ack your firewall or bypass it... and all
	machines is usually a sitting duck with ftp/telnet/ppp traffic

	- a machine running ipchains instead of apache is not a 
	"good enough" of a firewall if you don't want any risks

have fun
alvin
http://www.Linux-Sec.net/Tracking/  - rootkit checking stuff


On Sun, 10 Mar 2002, linux-dude@anscheinend.net wrote:

> 
> 
>   hey ppl!
>   I just wanted to ask if someone can recommend a rootkit
>   detection/removal utility. There are a bunch of them if you
>   look around but I don't want to run any risk :-)
>   would be kind if someone knew of a serious solution :-)
> 
>   best regards
>     Roman Sommer

Reply to:

Follow-Ups:
- Re: rootkit detection
  - From: Philip Thiem <ptt@umr.edu>

References:
- rootkit detection
  - From: "linux-dude@anscheinend.net" <Shadowfreak@gmx.net>

Prev by Date: [no subject]
Next by Date: unsubscribe
Previous by thread: Re: rootkit detection
Next by thread: Re: rootkit detection
Index(es):
- Date
- Thread