On 27/02/2016 7:57 AM, Brian wrote: > On Fri 26 Feb 2016 at 15:24:04 +0100, Christian Seiler wrote: > >> For known rootkits you can use the chkrootkit tool (available >> also as a Debian package), but that also has it's limitations. > > Being incapable of detecting anything sigificant being its main > limitation, I imagine.
Yeah, tests that limit to ports LISTENING [port number is only check, not what or how the port is used], it's not very effective. A.
