Friday, May 12, 2006

How to scan your Linux-Distro for Root Kits

How to scan your Linux-Distro for Root Kits | HowtoForge - Linux Howtos and Tutorials

I've used chkrootkit before. The best thing to do if a rootkit is found is to reinstall the system. You can never be sure you've managed to remove the root kit properly or not. Even though this can be hard to do with production servers, its never safe to run a system that has been hacked.

Tags: ,