On 22 Sep 2003, Jason Dixon wrote: > Everyone knows the Internet is a dangerous place. Folks who've been on > this list for a whileave probably heard me harp about security by now. > If you have, then you know I'm a nut when it comes to protecting your > system - AND - protecting others FROM your system if it's been cracked. > > It is for this reason that I'd like to suggest the following. Take 10 > minutes to download, compile and run chkrootkit on your Linux systems. > Review the output to see if you've been compromised. If you are, take > the appropriate steps to isolate and/or repair the damaged system. <snip>
I'd like to differ with you on a technicality, though not on your sentiment. I'd say don't download and compile chrootkit. Instead, download the knoppix security tools distribution (http://www.knoppix-std.org/), burn it to a CD, then boot from it and *then* run chrootkit, which is on the CD. This way you will *ABSOLUTELY KNOW* that you are running a safe version of chrootkit that will tell you whether or not you've been compromised. It takes a bit longer to download, but you'll always have it in your toolkit, and it makes for great peace of mind. Ben -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
