chkrootkir LKM Trojan ?
Dave S
ubuntu at pusspaws.net
Tue Jul 18 06:55:11 UTC 2006
On Tuesday 18 July 2006 02:11, ubuntu at rio.vg wrote:
> boricua wrote:
> >>> Try rkhunter and see!
> >>
> >> Tried it - rkhunter says everything is OK ...mmm... erring to false +ve
> >> (Mops sweat from brow !)
> >
> > how do u know rkhunter was not comprimise
>
> Personally, I install tripwire on all my machines to make sure things
> like that don't get compromised...
I never installed tripwire because I thought it was overkill on a domestic
system ... I am re-thinking.
At least it would give me a pretty definite answer as to wether my files have
been tampered with. I assume you have to re-learn it after every update
because md5 checksums will have altered ?
Dave
More information about the ubuntu-users
mailing list