Re: Linux malware attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, Mar 19, 2014 at 10:01 AM, Johnny Hughes <johnny@xxxxxxxxxx> wrote:

> On 03/19/2014 08:50 AM, Timothy Murphy wrote:
> > SlashDot had an article today on a Linux server malware attack,
> > <
> http://it.slashdot.org/story/14/03/18/2218237/malware-attack-infected-25000-linuxunix-servers
> >.
> >
> > I wonder if there is a simple test to see if a CentOS machine
> > has been infected in this way?
> >
> > The article mentions Yara and Snort rules to test for this,
> > but I wonder if there is something simpler?
> > Alternatively, are there Yara or Snort packages for CentOS?
> > ("Yum search" didn't seem to find anything.)
> >
> >
> >
>
> Look at this PDF:
>
> http://bit.ly/1qCEQFi
>
>
The article I read, linked to a detection toolkit on GitHub.
https://github.com/eset/malware-ioc

Read this:
https://github.com/eset/malware-ioc/blob/master/windigo/README.adoc


-- 
---~~.~~---
Mike
//  SilverTip257  //
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux