On Mon, April 18, 2005 09:35, Sigmund Straumsnes wrote: > Check /usr/bin/slocate with lsattr. > > rootkits may set attributes to prevent overwriting infected files, so you > could check for intrusion.
Thanks, you are indeed correct that the attributes had been changed. I will start investigating now. Thijs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
