On Thu, Aug 30, 2001 at 05:30:23PM +0800, Fritz Mesedilla wrote:
> hi!
> i was given a server with majordomo that is online.
> now they want it to be secured by reformatting it.
>
> kasi hindi namin alam kung baka napasok na ito.
> and someone has left a sniffer o kung ano man.
>
> is reformatting it the only way to secure it?
> is there a tool that can check for sniffers?
>
> it would really help a lot if you can give me advice.
Not a majordomo question. Anyway, I learned a trick to find "script kiddies":
find / -name "*.c"
If you're using a distribution with a package manager, you can also list
all the contents then look for all executable files that do not belong.
And, if you can, boot the machine off a known good kernel just in case
they were able to put in kernel module trojans.
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
