[CentOS] How to check for rootkit, troians etc in backed up files?

Charles E Campbell Jr charles.e.campbell at nasa.gov
Thu Sep 4 14:45:17 UTC 2008


Mike McCarty wrote:
> M. Fioretti wrote:
>> Hi,
>>
>> there is a remote (VPS) Centos 4.2 server which *may* have been
>> compromised. Reinstalling everything from scratch isn't a problem, it
>> may even be an occasion to improve a few things, the question is
>> another.
>
> I use rkhunter and chkrootkit. I run them regularly.
>
> If you keep your machine clean, then your backups will be, too.
>
> If you get compromised, then your backups since compromise are
> suspect.
>
> Mike
When I tried
  yum -y install chkrootkit.i386
I got...
No package chkrootkit.i386 available.

When I tried
  yum -y install rkhunter.noarch
I got...
No package rkhunter.noarch available.

These were the two names mentioned on my yum list, so I updated my yum 
list (yum -y list > yum.list), and I find that neither is present anymore.

Regards,
Chip Campbell



More information about the CentOS mailing list