[CentOS] How to check for rootkit, troians etc in backed up files?
Charles E Campbell Jr
charles.e.campbell at nasa.gov
Thu Sep 4 14:45:17 UTC 2008
Mike McCarty wrote:
> M. Fioretti wrote:
>> Hi,
>>
>> there is a remote (VPS) Centos 4.2 server which *may* have been
>> compromised. Reinstalling everything from scratch isn't a problem, it
>> may even be an occasion to improve a few things, the question is
>> another.
>
> I use rkhunter and chkrootkit. I run them regularly.
>
> If you keep your machine clean, then your backups will be, too.
>
> If you get compromised, then your backups since compromise are
> suspect.
>
> Mike
When I tried
yum -y install chkrootkit.i386
I got...
No package chkrootkit.i386 available.
When I tried
yum -y install rkhunter.noarch
I got...
No package rkhunter.noarch available.
These were the two names mentioned on my yum list, so I updated my yum
list (yum -y list > yum.list), and I find that neither is present anymore.
Regards,
Chip Campbell
More information about the CentOS
mailing list