I have not, I'll look into that one, thanks! On 11/14/2019 9:48 AM, SternData wrote: > Do you run rkhunter? > > On 11/14/19 9:40 AM, Christopher Wensink wrote: >> How do you know when a Linux system has been compromised? >> >> Every day I watch our systems with all the typical tools, ps, top, who, >> I watch firewall / IPS logs, I have logwatch setup and mailing daily >> summaries to me and I dive deeper into logs if something looks suspicious. >> >> What am I missing or not looking at that you security gurus are looking at? >> >> I subscribe to the centos and SANS newsletters, and I try to keep >> current on all technology with credible sources of articles online and >> with the Lynda library. >> >> What other sources of information do you use to stay current about the >> latest threats and technology updates? >> >> I appreciate the feedback. >> >> Chris >