Date: Tue, 29 May 2001 11:39:30 -0700 From: "Eric Parusel" <lists@globalrelay.net> To: "Lim Seng Chor" <Lim.Seng.Chor@sit.edu.my>, <freebsd-security@freebsd.org> Subject: Re: freebsd rootkit Message-ID: <01a601c0e86e$bfd137a0$0600020a@frontend> References: <3B145A16.26692.847EDF@localhost>; from Lim Seng Chor on Wed, May 30, 2001 at 02:25:28AM %2B0800 <3B145C04.31331.8C0610@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
> sorry, you all misunderstood me... : ( > > i am the system admin of my site here, and i am suspecting my > user is compromising my system files. i would like to check on > what the files availble in rootkit, and see whether my users are > using that or not. > it is just for security audit purpose.... > > stop xxxxxxx me please.... > I realize that hindsight is 20/20, but properly set up tripwire or a tripwire-like software package (AIDE, mtree?) would have worked wonders in this situation.... Oh, and: http://www.google.com/search?q=freebsd+rootkit Eric Parusel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01a601c0e86e$bfd137a0$0600020a>