Detecting Rootkits In GNU/Linux
An anonymous reader sends note of a blog post on rootkit detection in GNU/Linux. The article mentions only two utilities for ferreting out rootkits — the first comment to the blog post lists three additional ones — but it could be useful for those who haven't thought about the problem much. From the article: "A rootkit... is a collection of tools that a cracker installs on a victim's computer after gaining initial access. It generally consists of log cleaning scripts and trojaned replacements of core system utilities such as ps, top, ifconfig and so on."
Ah! No need for rootkit detector... (Score:5, Funny)
Pish Posh (Score:5, Funny)
Re:Ah! No need for rootkit detector... (Score:2, Funny)
Yes, but... (Score:5, Funny)
I like to leave this up to the FBI (Score:5, Funny)
Re:ifl (Score:5, Funny)
Re:This is... (Score:4, Funny)
Re:Read Only Drives (Score:3, Funny)
Yeah, there's a program you can run to flip them whenever you need to. I had to install it SUID root though.
Meh, I don't trust those tools (Score:5, Funny)
Re:This is... (Score:1, Funny)
Re:This would have been more appropriate: (Score:3, Funny)
The tables have turned, Mr. Bond... (Score:2, Funny)
I don't have to worry about this. I use Windows!
Oh wait...
- RG>