On Sat, Nov 27, 2010 at 3:38 PM, Brian <a...@cityscape.co.uk> wrote: > Your course of action will depend on the confidence you place in > rkhunter. Mine is zero, but if your reading of its reports is convincing > and you think it tells you anything important about your system your > only option is to reinstall. Not because there is anything untoward > about the server but because you you have entered a state of insecurity. > If chkrootkit was installed after your problems appeared its logs are > valueless.
IMHO, it's another tool in the toolbox. The secret is that you need to be using multiple tools, and employing them in such a way that if one is defeated, that action should set off at least one other one. > Then you could ask yourself: there are over 1,000 million computers on > the internet; why me? Easy target or low-hanging fruit. Scriptkiddies will tend to scan for a specific exploit, and scan large blocks of addresses. His server probably showed up in a scan. > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: http://lists.debian.org/20101127203853.gm20...@desktop > > -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktini0a0kop8_qzzjpwyp4ulctadfgde6jqhkq...@mail.gmail.com