Detecting root kits?
Dan Coutu
coutu at snowy-owl.com
Mon Jun 23 09:49:36 EDT 2003
Last week I uncovered a RedHat box that had been rooted (fortunately it
had only recently been installed and nothing important was on it.)
Rather than me having to go through a hands-on intensive process of
analyzing every other Linux system on the LAN are there tools that I can
use to determine whether or not this SOB got into other systems?
Any pointers to where I can learn more about the different types of
rootkits and how to counter or detect them are also welcome.
Thanks!
--
Dan Coutu
Managing Director
Snowy Owl Internet Consulting, LLC
http://www.snowy-owl.com/
More information about the gnhlug-discuss
mailing list