Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Link to Us
Linux Jobs

Top White Papers

  • Corporate e-Learning technology has a long and diverse pedigree. As far back as the 1980s, companies were adopting computer-based training to supplement...

  • On-demand Event Event Date: July 17, 2014 Utilizing Server-Side PCIe flash storage offers a high-performance and cost-efficient alternative to a traditional...

More on LinuxToday

Kernel Developers Share Security Tips

Oct 07, 2011, 15:02 (0 Talkback[s])
(Other stories by Joe Brockmeier)

[ Thanks to Amy Newman for this link. ]

"Kroah-Hartman also recommends inspecting systems using a live CD and scanning through logs looking for 'mysterious' messages like programs trying to touch /dev/mem.

"Willy Tarreau also contributed several suggestions, like checking to see that connections between local machines are expected. Tarreau advises users to grep /var/log/messages specifically for "sshd" and to look for the string 'Invalid user' coming from internal machines.

"Tarreau notes that outgoing SMTP requests are also suspect. "If one machine suddenly tries to send mails directly to outside, it might be someone trying to steal some data" such as SSH keys, said Tarreau."

Complete Story

Related Stories: