check for root kit

To: Debian User List <debian-user@lists.debian.org>
Subject: check for root kit
From: Rory Campbell-Lange <rory@campbell-lange.net>
Date: Tue, 23 Apr 2002 14:31:05 +0000
Message-id: <[🔎] 20020423143105.GA5198@campbell-lange.net>
Mail-followup-to: Rory Campbell-Lange <rory@campbell-lange.net>, Debian User List <debian-user@lists.debian.org>

There is a very small possibility that someone has intruded into our
network. I would like to test my 3 woody machines for possible root
kits. What is the best way of doing this? Should I check the md5sum of
programs such as find, ps and ifconfig against the packaged versions?

Also, is there any way of checking for a kernel module type root kit?

Cheers
Rory
-- 
Rory Campbell-Lange 
<rory@campbell-lange.net>
<www.campbell-lange.net>


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: check for root kit
  - From: Crispin Wellington <crispin@aeonline.net>
- Re: check for root kit
  - From: tom_massey@dingoblue.net.au (Tom Massey)
- Re: check for root kit
  - From: ben <benfoley@rcn.com>
- Re: check for root kit
  - From: Carlos Sousa <csousa@tvtel.pt>

Prev by Date: Re: starting nfs - allow/deny
Next by Date: Re: Samba alternative
Previous by thread: Tux in ASCII
Next by thread: Re: check for root kit
Index(es):
- Date
- Thread