Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Linux Journal: Thwarting the System Cracker, Part 4

Oct 15, 1999, 12:36 (4 Talkback[s])
(Other stories by Marcel Gagné)

"This week's episode: verifying the integrity of your files."

"One of the first things your cracker will do is replace certain files on your system. You will wind up with a new version of "netstat" so that a "netstat -a" does not show any evidence of your cracker's presence. The cracker will also replace any file that might give him or her away."

"Since the files have been replaced, simply doing an "ls" will only confirm that the files are there. There are a number of ways that you can detect modified files on your system."

Complete story.

Related Stories: