[CentOS] How to check for rootkit, troians etc in backed up files?

M. Fioretti mfioretti at nexaima.net
Mon Sep 1 05:59:17 UTC 2008


Hi,

there is a remote (VPS) Centos 4.2 server which *may* have been
compromised. Reinstalling everything from scratch isn't a problem, it
may even be an occasion to improve a few things, the question is
another.

There are backups of necessary shell script, ASCII configuration files
and more or less important email (maildir format, if it matters)
including messages with binary attachments in .doc, .pdf, .jpeg and
other formats. What is, in the context above, the best way to make
sure that **those** backed up files (which _must_ be put back on the
server after reinstall) do not contain any rootkit, troian, virus,
whatever? Which Centos / linux tool you'd recommend for this specific
case?

TIA,
		Marco
-- 
Your own civil rights and the quality of your life heavily depend on how
software is used *around* you:            http://digifreedom.net/node/84


More information about the CentOS mailing list