how to tell whe you have a hacker?
Jeremy C. Reed
reed at reedmedia.net
Fri Feb 17 18:48:54 MST 2006
On Fri, 17 Feb 2006, Technomage wrote:
> if you are using an rpm based distribution, you can do a special query
> of all the installed packages to see which ones have been changed.
Also with Debian packages too. Each package has a *.md5sums file under
/var/lib/dpkg/info. It can be used like:
cd /
for m in /var/lib/dpkg/info/*md5sums ; do md5sum -c $m ; done
This will have some false positives. And it is not as powerful or useful
as the rpm queries though.
I suggest unplugging your network connection.
Jeremy C. Reed
open source, Unix, *BSD, Linux training
http://www.pugetsoundtechnology.com/
More information about the PLUG-discuss
mailing list