On Sat, Dec 11, 2010 at 11:41 AM, Aman Thakur <aman.thakur.1...@gmail.com> wrote: > > So just backup you data, only data and reinstall your system. And update > your system with the latest security updates. Even if you succeed fixing > this system, even then there are chances for the system to be compromised > once again. Because it may be possible that attacker may have generated a > vulnerability into the system. So, reinstall is the best way to ensure the > security and is a permanent fix. Thats the only way to secure your system. > > And i hope you must be having a good idea about the rootkits now.....:)
One can also use tripwire or aide after OS install and each updates; keep the signature db file on a ro media. Comparing the system against the db file will tell you the files that do not match. Depending on the magnitude of the compromise, the admin can repair the package(s) or reinstall. -- Arun Khan _______________________________________________ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd