John, On Thu, 16 May 2002, John Summerfield wrote: > > Is this being broken into? If so, what do I look for? You got already quite good answers, but just in case you would like to check more the system you can find good information from SANS site and Dave Dittrich's forensic page http://rr.sans.org/linux/sec_apps.php http://staff.washington.edu/dittrich/misc/forensics/ The PLAC disk with chkrootkit and the coroners tool- kit make security checks a lot easier and the SANS linux pages has very good reading http://rr.sans.org/linux/linux_list.php HTH, :-) riku -- [ This .signature intentionally left blank ] _______________________________________________ Redhat-devel-list mailing list Redhat-devel-list@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-devel-list
