On 13 Jun 2002, Tommy McLeod wrote:

> use md5sum on your lsof command (md5sum /usr/sbin/lsof)
> run the same thing against your original binary (from the CD)
> use lsof (lsof -i tcp and lsof -i udp)
> check these against a ps of all processes.
> 

One quick note: don't forget to use the md5sum from the CD (or recompile a
new one), because if a root kit has been installed, chances are md5sum has
been replaced to return the correct md5s for the modified binaries.

James
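
The check described in this message, as an added example that is not part of the original thread: every hash is computed with an md5sum binary taken from read-only media, and each installed binary is compared with its copy on that media. The function names, the argument layout and the mount point in the usage comment are assumptions.

```shell
#!/bin/sh
# Added illustration, not from the original thread.
# Usage (mount point is an assumption):
#   sh verify.sh /mnt/cdrom/usr/bin/md5sum /mnt/cdrom "" /usr/sbin/lsof /bin/ps
# Pass the md5sum on the CD by full path; never resolve it through the
# suspect system's PATH. A statically linked copy is preferable, since a
# dynamically linked one still loads libraries from the suspect system.

# hash_with TOOL FILE: print only the digest, using shell built-ins so no
# other possibly replaced utility (awk, cut) is involved in the comparison.
hash_with() {
    out=$("$1" "$2" 2>/dev/null) || return 1
    printf '%s\n' "${out%% *}"
}

# compare_binaries TOOL REF_ROOT LIVE_ROOT PATH...
# Prints one line per path (OK, MISMATCH, MISSING or ERROR) and returns
# non-zero if anything other than OK was seen.
compare_binaries() {
    tool=$1 ref_root=$2 live_root=$3
    shift 3
    failed=0
    for path in "$@"; do
        if [ ! -f "$ref_root$path" ] || [ ! -f "$live_root$path" ]; then
            echo "MISSING $path"; failed=1; continue
        fi
        ref_sum=$(hash_with "$tool" "$ref_root$path") ||
            { echo "ERROR $path"; failed=1; continue; }
        live_sum=$(hash_with "$tool" "$live_root$path") ||
            { echo "ERROR $path"; failed=1; continue; }
        if [ "$ref_sum" = "$live_sum" ]; then
            echo "OK $path"
        else
            echo "MISMATCH $path"; failed=1
        fi
    done
    return "$failed"
}

# Run only when called with a tool, two roots and at least one path.
if [ "$#" -ge 4 ]; then
    compare_binaries "$@"
fi
```

A MISMATCH can also come from a legitimately patched package, so compare against media that matches the installed version.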
