[CentOS] How to check for rootkit, troians etc in backed up files?

Charles E Campbell Jr charles.e.campbell at nasa.gov
Thu Sep 4 14:45:17 UTC 2008

Mike McCarty wrote:
> M. Fioretti wrote:
>> Hi,
>> there is a remote (VPS) Centos 4.2 server which *may* have been
>> compromised. Reinstalling everything from scratch isn't a problem, it
>> may even be an occasion to improve a few things, the question is
>> another.
> I use rkhunter and chkrootkit. I run them regularly.
> If you keep your machine clean, then your backups will be, too.
> If you get compromised, then your backups since compromise are
> suspect.
> Mike
When I tried
  yum -y install chkrootkit.i386
I got...
No package chkrootkit.i386 available.

When I tried
  yum -y install rkhunter.noarch
I got...
No package rkhunter.noarch available.

These were the two names mentioned on my yum list, so I updated my yum 
list (yum -y list > yum.list), and I find that neither is present anymore.

Chip Campbell

More information about the CentOS mailing list