On Fri, Jul 12, 2013 at 7:04 PM, Security <[email protected]> wrote:
> Hi all snip... Today I done a backup of this script that contains a huge list of server > compromised. Later I re-install whole system. > > Can be usuful send this rk? > If the regular tools do not find it, file bugs against them (or even file them upstream to reduce turn around time). Additionally, you could upload all suspect files to virustotal - where they are handed off to all the major AV vendors (mostly useful for mail gateways and that other wormy OS). HTH, cheers, Scott. E.g.: supaplex@tv:~$ apt-cache search rootkit chkrootkit - rootkit detector rkhunter - rootkit, backdoor, sniffer and exploit scanner unhide - Forensic tool to find hidden processes and ports unhide.rb - Forensic tool to find processes hidden by rootkits
