Re: How to tell if a Linux machine is a zombie?

To: debian-user@lists.debian.org
Subject: Re: How to tell if a Linux machine is a zombie?
From: Giuseppe Marinelli <xflotmas@gmail.com>
Date: Mon, 08 Jan 2007 20:44:34 +0100
Message-id: <[🔎] 45A29F22.6060108@gmail.com>
In-reply-to: <[🔎] 20070108191301.GA555@cromwell.tmiaf>
References: <[🔎] 20070108191301.GA555@cromwell.tmiaf>

Russell L. Harris wrote:

Yesterday I read another article bemoaning the large number of Window$
machines which have been commandeered remotely and turned into
spam-spewing zombies.

If I understand the matter correctly, a firewall can protect only
against incoming messages, and is useless against spyware which
"phones home" or zombie-ware which spews email spam.

So, before I preach about the dangers of spyware and zombies to my
buddies using Window$, how can I be certain that my own Debian machine
has not been compromised and has not become a zombie?  Is there a

simple test which I can run on a weekly basis?

My LAN is protected by a machine running SmoothWall Express 2.0,
acting as a firewall and router.  Would an internal firewall package be
useful in this environment?

RLH

Thanks to this list I recently learned of two useful utilities, namelyrkhunter and chkrootkit, that should be what you are looking for.I have been using Debian (and Linux) for a short time (8 months now) soplease take my advice with a grain of salt before some of the gurus ofthe list confirm what I suggested.

Regards

Giuseppe

Reply to:

References:
- How to tell if a Linux machine is a zombie?
  - From: "Russell L. Harris" <rlharris@oplink.net>

Prev by Date: installation
Next by Date: set up Etch to unicode
Previous by thread: How to tell if a Linux machine is a zombie?
Next by thread: Re: How to tell if a Linux machine is a zombie?
Index(es):
- Date
- Thread