Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Kernel Developers Share Security Tips

Oct 07, 2011, 15:02 (0 Talkback[s])
(Other stories by Joe Brockmeier)

[ Thanks to Amy Newman for this link. ]

"Kroah-Hartman also recommends inspecting systems using a live CD and scanning through logs looking for 'mysterious' messages like programs trying to touch /dev/mem.

"Willy Tarreau also contributed several suggestions, like checking to see that connections between local machines are expected. Tarreau advises users to grep /var/log/messages specifically for "sshd" and to look for the string 'Invalid user' coming from internal machines.

"Tarreau notes that outgoing SMTP requests are also suspect. "If one machine suddenly tries to send mails directly to outside, it might be someone trying to steal some data" such as SSH keys, said Tarreau."

Complete Story

Related Stories: