+ Reply to Thread
Results 1 to 2 of 2
  1. July 17th, 2002 02:32 PM #1
    roswell1329
    roswell1329 is offline
    Senior Member roswell1329 roswell1329 roswell1329 roswell1329 roswell1329 roswell1329 roswell1329 roswell1329 roswell1329 roswell1329 roswell1329 roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670

    rootkits explained

    For those of you just starting out in *nix security, I ran across a great article that goes over the purpose and use of rootkits by crackers, and some of the most common commands that have been used to trojan a rootshell. It's an older article (1999), but still has some great explanations. It will give you a heads up as to what crackers will likely be attempting to do (if they want to cover their tracks) if they gain access to your system:

    http://www.usenix.org/publications/l.../rootkits.html
    /* You are not expected to understand this. */
    Reply With Quote Reply With Quote
  2. July 17th, 2002 05:57 PM #2
    dAggressor
    dAggressor is offline
    Member dAggressor has a spectacular aura about dAggressor has a spectacular aura about
    Join Date
    Jul 2001
    Posts
    62
    Pretty good article. Sadly I had to learn this information the hard way. When someone hacked an exploitables version of openssh on my system and installed a rootkit to hide the fact. Luckily he didn't clean the .bash_history file so I just tracked the commands and found all the files and logs used. A good reason to not only check your syslog (messages on linux) but also check your history file routinely.

    dAggressor
    dAggressor

    It\'s a long life, until you die
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides