Re: installing root-kit checkers

To: debian-user@lists.debian.org
Subject: Re: installing root-kit checkers
From: consul tores <consultores1@gmail.com>
Date: Fri, 9 Sep 2011 18:40:32 -0700
Message-id: <[🔎] CAFxkjqnKC5kdMAwi7XrdQUoojjn179p0E7Snzhk-HSJdvfCdJQ@mail.gmail.com>
In-reply-to: <[🔎] 201109092345.08602.lisi.reisz@gmail.com>
References: <[🔎] 201109092345.08602.lisi.reisz@gmail.com>

2011/9/9 Lisi <lisi.reisz@gmail.com>:
> We seem to be being told that nowadays we should run a root-kit checker.  The
> kernel exploit would indeed seem to suggest it.  I have tried rkhunter and
> found that I couldn't make head or tail of it.  I then read that, for a
> root-kit checker to work properly, you should install it on a fresh install
> before said installation goes on the Internet.  All well and good, but I
> almost always install Debian of some version or other, and when I do so, I
> always install over the net.
>
> So how do I run a check before going on the Internet???  I can hardly install
> a package of any sort before I have installed at least the basics of the
> distro!  (Yes, I know that there are those on this list who say that a
> root-kit checker is useless anyway, and root-kits are obviously difficult to
> spot - the kernel is guarded by people far more capable than I.)
>
> Lisi

I am using rkhunter + chkrootkit + tiger, as a guide/parameter to
administer my boxes. I do the installation over the internet, and it
seems to work correctly at the moment.

Reply to:

References:
- installing root-kit checkers
  - From: Lisi <lisi.reisz@gmail.com>

Prev by Date: Debian Squeeze problem with firewire_core (DV camera over FireWire)
Next by Date: Debian Squeeze problem with firewire_core (DV camera over FireWire)
Previous by thread: installing root-kit checkers
Next by thread: Re: installing root-kit checkers
Index(es):
- Date
- Thread