Ask a Question related to Debian, Design and Development.
-
ScruLoose #1
Re: tool for checking compromised box
On Fri, Aug 01, 2003 at 08:21:14AM +0800, Louie Miranda wrote:
I imagine it depends on what kind of "compromised" you're looking for.> Hello,
>
> Is there any Debian package that can check a compromised box?
chkrootkit springs to mind if you think you've been rooted.
integrit or tripwire are pretty cool too, but they're only useful if
installed on a "known clean" system. Since they monitor changes to the
filesystem, they need a snapshot of the "before" picture to compare
against.
HTH
--
,-------------------------------------------------------------------------.`-------------------------------------------------------------------------'> -ScruLoose- | What makes a person so poisonous righteous <
> Please do not | That they'd think less of anyone who just disagreed? <
> reply off-list. | - Moxy Fruvous <
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see [url]http://www.gnupg.org[/url]
iD8DBQE/Kc5OGW5/T9+iw4kRAmsnAKDpeUtVSG5IBuyrijVz9j5aChKSJwCfcGN1
Y3QL24EgeG4a6NFKhQe7hcQ=
=mmv9
-----END PGP SIGNATURE-----
ScruLoose Guest
-
Colour settings for Highlighter Tool and Underline Text Tool
I am using ACROBAT STD 7.0.1 on Tiger. As I often read scientific PDF files, I would like to use additional colours for the Highlighter (yellow)... -
Pencil Tool changes to Grab Tool Acrobat 7
Whenever I am doing editing or inserting proofreading marks, I used to (in Acrobat 6) jsut click on Pencil Tool, write to my hearts content, and then... -
Smudge tool & Red eye tool
Mr. M. Holtzberg. Caps Lock ON?? -
GNU software compromised : Cert Advisory
> Source: CERT/CC From: "CERT Advisory" <cert-advisory@cert.org> To: <cert-advisory@cert.org> Subject: CERT Advisory CA-2003-21 GNU Project... -
URL checking
mandy100@ihug.com.au (Mandy) wrote in news:6522b540.0306281641.4bbf5b23 @posting.google.com: see... -
Karsten M. Self #2 Re: tool for checking compromised box
on Fri, Aug 01, 2003 at 08:21:14AM +0800, Louie Miranda (louie@axishift.ath.cx) wrote:
As previously noted, chkrootkit is one pallative.> Hello,
>
> Is there any Debian package that can check a compromised box?
Note that once a box is suspect, your trust in any of its output is
equally suspect. You must analyze it from known good media (say, a
Knoppix boot disk).
A mix of chkrootkit, debsums, and the new tripwire replacement (aide,
integrit), would probably be good. Reinstall from known good sources
would be strongly recommended.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> [url]http://kmself.home.netcom.com/[/url]
What Part of "Gestalt" don't you understand?
Verio webhosting? Guaranteed downtime:
[url]http://www.wired.com/news/politics/0,1283,57011,00.html[/url]
[url]http://www.dowethics.com/r/environment/freedom.html[/url]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/LMW1efG8443k044RAjJMAKCMHwkwLbWMk6PD1xdBlugIO/hnmQCfU66q
QgRcJJUV9I0CostCJpJzLZk=
=Ap5w
-----END PGP SIGNATURE-----
Karsten M. Self Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
