[CentOS] How to tell if I've been hacked?

Christopher Chan christopher.chan at bradbury.edu.hk
Wed Aug 19 03:14:01 UTC 2009


Scott Ehrlich wrote:
> There is a lot of talk about the vulnerable Linux kernel.   I'm simply
> wondering the telltale signs if a given system has been hacked?
> What, specifically, does a person look for?
>   

rpm -Va is a good start for modified binaries/libraries.
rootkit detectors is another thing you can try.


Other than that, it is checking your logs and looking for odd files 
lying around...



More information about the CentOS mailing list