Hi Ged, On Wed, 2007-10-03 at 18:50 +0100, ged wrote: > What's the chance of being taken over by these things ? > How can I check for root kits on linux ? >
On a desktop/laptop client slim, very slim. On a server running popular web applications, somewhat higher. On a system running out of date popular web applications, or other applications that require external connectivity inbound with an open firewall, even higher still. It's a real piece of string thing. There are tools to check for "rootkits" and you can also enable some log watching programs to see when people attempt to intrude. Both are somewhat academic, because once you have found a rootkit or detect that you have been compromised the general consensus is that you should wipe the machine and start again. Trying to find and remove compromised pieces on a system, and then certify confidence it isn't compromised any more is not something I (or many other admins) would do. Cheers, Al.
signature.asc
Description: This is a digitally signed message part
-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
