-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Neil Bothwick wrote: > I agree, heavy disk I/O can cause major slowdowns, but if someone is > considering a rootkit infection, they should at least be aware of the > facts when looking for it.
I agree. Let's add some data to the thread: http://en.wikipedia.org/wiki/Rootkit http://www.net-security.org/dl/articles/Detecting_and_Understanding_rootkits.txt nmap your server from outside, full port range tcp, udp. (ok, lots of rootkits still use OOB, IGMP, ICMP, etc for control and data transport). Can you boot from a livecd and run rkhunter AND chkrootkit from it? Do it. If you need off-list help, contact me. - -- Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King, Capital Federal) Entradas anticipadas a traves de www.futurabanda.com.ar - Punk Rock Melodico -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuFhqAlpOsGhXcE0RCohGAKCDNEEdp5VyftUmjNwSJzxR4VV1MQCeJthp cC2LijA7WV9hTjYnbsocbVw= =ufZS -----END PGP SIGNATURE----- -- [EMAIL PROTECTED] mailing list
