hacked
Edward Norton
r00t3d at gmail.com
Mon Apr 17 17:34:27 MST 2006
On 4/16/06, George Toft <george at georgetoft.com> wrote:
>
> To preclude a rootkit, you can always boot the box using Knoppix, then
> mount the suspect disk and look at /etc/shadow.
>
Unless it's a kernel-mode rootkit, in which case it more than likely
wouldn't use /etc/shadow.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.plug.phoenix.az.us/pipermail/plug-discuss/attachments/20060417/a15e220e/attachment.htm
More information about the PLUG-discuss
mailing list