-
August 18th, 2002, 05:52 AM
#1
How to tell if your Linux box has been cracked
Found an interesting article the other day. I could not find if this had been posted before (and I apologise if it has) but I thought I would bring it to the attention of people here, it is especially helpful for Linux newbies interested in the security of their machines.
The article deals with finding out if you have a trojaned process (in this case ps) and how to detect if a cracker has gained access to your Linux Box. The site also contains other interesting security related links worth a look.
How to tell if your Linux Box has been cracked
I hope someone finds the information useful.
-
August 19th, 2002, 11:10 AM
#2
nice post..
thx ! !
most of it was known, but a good read non-the-less..
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
August 19th, 2002, 11:15 AM
#3
since im a linux n00bie im looking for all the info i can get on it just now thanks for the link phatpenguin
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
http://muaythaiscotland.com/
-
August 19th, 2002, 05:30 PM
#4
Good link. One thing I've noticed playing around with lrk4 rootkit is unusual behavior of the trojanized telnet binary.
A regular telnet login will look like this
login:
As with lrk4 the login will look like this
eve login:
Also when you have an incorrect login on a regular telnet server it will show you
login incorrect.
In the lrk4 rootkit it will show you the message
root login refused on this terminal.
Nate
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|