On Fri, Oct 24, 2003 at 06:09:12AM -0700, [EMAIL PROTECTED] wrote: > I can determine when a Windows box has been owned fairly easily. Can you? Really? Hm maybe I should use windows. > How do you determine if you have a KLM on your Linux box? (serious question > from someone who does not know) I'm asking specifically about Red Hat > because I am a Corporate America slave and IBM has made this the distribution > that most of corp America will use. Best way are integrity checks with tripwire, aide, afick [1] or other relatet tools. Other way around if don't have a database with the checksumms from the clean system you can use chkrootkit [2]
Sven [1] http://afick.sf.net [2] http://www.chkrootkit.org/ -- Das Weihnachtskonzert COMBO GUANO 23.12.2003, Saal Norhausen Lev. Rheindorf http://www.comboguano.de _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
