[ubuntu-uk] Phishing and linux

Alan Pope alan at popey.com
Wed Oct 3 19:28:42 BST 2007

Hi Ged,

On Wed, 2007-10-03 at 18:50 +0100, ged wrote:
> What's the chance of being taken over by these things ?
> How can I check for root kits on linux ?

On a desktop/laptop client slim, very slim. On a server running popular
web applications, somewhat higher. On a system running out of date
popular web applications, or other applications that require external
connectivity inbound with an open firewall, even higher still.

It's a real piece of string thing. 

There are tools to check for "rootkits" and you can also enable some log
watching programs to see when people attempt to intrude. Both are
somewhat academic, because once you have found a rootkit or detect that
you have been compromised the general consensus is that you should wipe
the machine and start again. Trying to find and remove compromised
pieces on a system, and then certify confidence it isn't compromised any
more is not something I (or many other admins) would do.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-uk/attachments/20071003/8e5ecd7b/attachment.pgp 

More information about the ubuntu-uk mailing list