Re: How to tell if I've been hacked?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Ryan Pugatch wrote:
> Christopher Chan wrote:
>   
>> Scott Ehrlich wrote:
>>     
>>> There is a lot of talk about the vulnerable Linux kernel.   I'm simply
>>> wondering the telltale signs if a given system has been hacked?
>>> What, specifically, does a person look for?
>>>   
>>>       
>> rpm -Va is a good start for modified binaries/libraries.
>> rootkit detectors is another thing you can try.
>>
>>
>> Other than that, it is checking your logs and looking for odd files 
>> lying around...
>>
>>     
>
>
> Also, processes running that you don't recognize.  Users you don't 
> recognize.  Logged in sessions that you don't recognize.  Free space 
> shrinking abnormally.  An increase in bandwidth usage that is unexpected.
>   

Yeah...one should not assume that those will be hidden by rogue 
libraries/binaries. Not every case will be taken that far or unspotted 
before it gets that far.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux