[CentOS] how to know when a system is compromised


subscribed-lists at sterndata.com
Thu Nov 14 15:48:11 UTC 2019

Do you run rkhunter?

On 11/14/19 9:40 AM, Christopher Wensink wrote:
> How do you know when a Linux system has been compromised? 
> Every day I watch our systems with all the typical tools, ps, top, who,
> I watch firewall / IPS logs, I have logwatch setup and mailing daily
> summaries to me and I dive deeper into logs if something looks suspicious.
> What am I missing or not looking at that you security gurus are looking at?
> I subscribe to the centos and SANS newsletters, and I try to keep
> current on all technology with credible sources of articles online and
> with the Lynda library.
> What other sources of information do you use to stay current about the
> latest threats and technology updates?
> I appreciate the feedback.
> Chris

More information about the CentOS mailing list