Re: How to detect whether your machine is compromised?


Thanks to everyone for contributing several tips. I am looking forward to a highly educating weekend :) Here is a summary of packages that were suggested in the various replies:

aide:       Advanced Intrusion Detection Environment - static binary
bastille:   Security hardening tool
chkrootkit: Checks for signs of rootkits on the local system
denyhosts:  a utility to help sys admins thwart ssh hackers
fail2ban:   bans IPs that cause multiple authentication errors
harden:     Makes your system hardened
iftop:      displays bandwidth usage information on a network interface
iptraf:     Interactive Colorful IP LAN Monitor
logcheck:   mails anomalies in the system logfiles to the administrator
ntop:       display network usage in top-like format
rkhunter:   rootkit, backdoor, sniffer and exploit scanner
tiger:      Report system security vulnerabilities
tripwire:   file and directory integrity checker

Raj Kiran