On Thu, Sep 14, 2006 at 12:43:49PM +0200, Markus Wetzel wrote: > Dear NG, > > last week my server got infected with the SuckIt rootkit (Debian with > 2.4 kernel). Fortunately I have discovered this rootkit (chkrootkit) and > reinstalled the system because I didn't know what else has been compromised. > > Is there a way to protect my server against a new infection with SuckIt? > > Regards, Hi Markus Wetzel, I'm not sure what vunerablity this rootkit used to gain access, but I install the 'tiger' package -- it checks for roots kits daily and show what files have been added, chanaged, removed among other tests. cheer, Kev ps. there seems to be a lot of php exploits --- as the recent debian alioth server showed. what that the cause? -- | .''`. == Debian GNU/Linux == | my web site: | | : :' : The Universal | debian.home.pipeline.com | | `. `' Operating System | go to counter.li.org and | | `- http://www.debian.org/ | be counted! #238656 | | my keysever: pgp.mit.edu | my NPO: cfsg.org |
Attachment:
signature.asc
Description: Digital signature