On Wed, Aug 19, 2009 at 1:57 AM, Bill Campbell<centos@xxxxxxxxxxxxx> wrote: > You cannot trust tools like ``ps'', ``find'', ``netstat'', and > ``lsof'' as these are frequently replaced by ones that are > modified to hide the cracker's work. As a corollary, the only safe way to audit a suspected system is booting your diagnostic tool from known good media (eg try a security Live CD distro) -- Eduardo Grosclaude Universidad Nacional del Comahue Neuquen, Argentina _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: How to tell if I've been hacked?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: How to tell if I've been hacked?
- From: Eduardo Grosclaude <eduardo.grosclaude@xxxxxxxxx>
- Date: Wed, 19 Aug 2009 08:03:24 -0300
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <20090819045725.GA30711@xxxxxxxxxxxxxxxxxxxx>
- References: <b39d9f830908181853r3b1b5e81o3ce0619b3e63f52a@xxxxxxxxxxxxxx> <20090819045725.GA30711@xxxxxxxxxxxxxxxxxxxx>
- Follow-Ups:
- Re: How to tell if I've been hacked?
- From: Magnus Holmström
- Re: How to tell if I've been hacked?
- References:
- How to tell if I've been hacked?
- From: Scott Ehrlich
- Re: How to tell if I've been hacked?
- From: Bill Campbell
- How to tell if I've been hacked?
- Prev by Date: Re: virt-manager crashes Host during installation of guest
- Next by Date: Updated livecd building tool
- Previous by thread: Re: How to tell if I've been hacked?
- Next by thread: Re: How to tell if I've been hacked?
- Index(es):
 |