[CentOS] Linux malware attack

Wed Mar 19 13:50:23 UTC 2014
Timothy Murphy <gayleard at eircom.net>

SlashDot had an article today on a Linux server malware attack,
<http://it.slashdot.org/story/14/03/18/2218237/malware-attack-infected-25000-linuxunix-servers>.

I wonder if there is a simple test to see if a CentOS machine
has been infected in this way?

The article mentions Yara and Snort rules to test for this,
but I wonder if there is something simpler?
Alternatively, are there Yara or Snort packages for CentOS?
("Yum search" didn't seem to find anything.)



-- 
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
School of Mathematics, Trinity College, Dublin 2, Ireland