possible LKM rootkit infection
Jay
plug-discuss@lists.plug.phoenix.az.us
Wed, 19 Jun 2002 13:58:04 -0700 (MST)
On Wed, 19 Jun 2002, technomage wrote:
> done all of this (even written them to a text file for later review). so far,
> I don't see anything unusual. I have a couple of non-standard (installed
> myself) servers running here (ircd and opennap) and I know which ports those
> are on. everything else appears to be as normal (including their port
> assignmanets).
...[SNIP]...
> as it is, I was thinking ahead security wise when I placed this unit online.
>
> anything else I should be doing?
<Shameless Plug> Well, you should probably consider a remote security
analysis scan to determine any vulnerabilities in your system/services and
also to check for any backdoors that are now available. To do this, you
could support a PLUG member and local business and visit Edgeos at
http://www.edgeos.com. :) </Shameless Plug>
--
~Jay