Re: check for root kit

To: Debian User List <debian-user@lists.debian.org>
Subject: Re: check for root kit
From: "Karsten M. Self" <kmself@ix.netcom.com>
Date: Wed, 17 Apr 2002 02:31:46 -0700
Message-id: <[🔎] 20020417093146.GE13953@ix.netcom.com>
In-reply-to: <[🔎] 20020417050202.GA2329@dingoblue.net.au>
References: <[🔎] 20020423143105.GA5198@campbell-lange.net> <[🔎] 20020417050202.GA2329@dingoblue.net.au>

on Wed, Apr 17, 2002, Tom Massey (tom_massey@dingoblue.net.au) wrote:
> On Tue, Apr 23, 2002 at 02:31:05PM +0000, Rory Campbell-Lange wrote:
> > There is a very small possibility that someone has intruded into our
> > network. I would like to test my 3 woody machines for possible root
> > kits. What is the best way of doing this? Should I check the md5sum of
> > programs such as find, ps and ifconfig against the packaged versions?
> 
> $ apt-cache show chkrootkit

...and if that turns up null, there's always:

   apt-get install rootkit

http://lists.debian.org/debian-devel/2002/debian-devel-200203/msg02337.html

;-)

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   A guide to GNU/Linux partitioning:
     http://kmself.home.netcom.com/Linux/FAQs/partition.html

Attachment: pgpr1BFwaLpWF.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: check for root kit
  - From: Osamu Aoki <debian@aokiconsulting.com>

References:
- check for root kit
  - From: Rory Campbell-Lange <rory@campbell-lange.net>
- Re: check for root kit
  - From: tom_massey@dingoblue.net.au (Tom Massey)

Prev by Date: Re: Swapfiles
Next by Date: Re: Emacs' main menu font
Previous by thread: Re: check for root kit
Next by thread: Re: check for root kit
Index(es):
- Date
- Thread