[CentOS] How to tell if I've been hacked?
Christopher Chan
christopher.chan at bradbury.edu.hk
Wed Aug 19 03:14:01 UTC 2009
Scott Ehrlich wrote:
> There is a lot of talk about the vulnerable Linux kernel. I'm simply
> wondering the telltale signs if a given system has been hacked?
> What, specifically, does a person look for?
>
rpm -Va is a good start for modified binaries/libraries.
rootkit detectors is another thing you can try.
Other than that, it is checking your logs and looking for odd files
lying around...
More information about the CentOS
mailing list