Re: freebsd rootkit

From: Eric Parusel (lists@globalrelay.net)
Date: 05/29/01

• Next message: Lim Seng Chor: "chkrootkit"
• Previous message: Lim Seng Chor: "Re: freebsd rootkit"
• In reply to: Lim Seng Chor: "Re: freebsd rootkit"
• Next in thread: Chris Byrnes: "Re: freebsd rootkit"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Eric Parusel" <lists@globalrelay.net>
To: "Lim Seng Chor" <Lim.Seng.Chor@sit.edu.my>, <freebsd-security@freebsd.org>
Date: Tue, 29 May 2001 11:39:30 -0700

> sorry, you all misunderstood me... : (
>
> i am the system admin of my site here, and i am suspecting my
> user is compromising my system files. i would like to check on
> what the files availble in rootkit, and see whether my users are
> using that or not.
> it is just for security audit purpose....
>
> stop xxxxxxx me please....
>

I realize that hindsight is 20/20, but properly set up tripwire or a
tripwire-like software package (AIDE, mtree?) would have worked
wonders in this situation....

Oh, and: http://www.google.com/search?q=freebsd+rootkit

Eric Parusel

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Lim Seng Chor: "chkrootkit"
• Previous message: Lim Seng Chor: "Re: freebsd rootkit"
• In reply to: Lim Seng Chor: "Re: freebsd rootkit"
• Next in thread: Chris Byrnes: "Re: freebsd rootkit"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: freebsd rootkit ... i am the system admin of my site here, and i am suspecting my ... user is compromising my system files. ... (FreeBSD-Security) Re: freebsd rootkit ... JEAH Communications, LLC ... On Wed, 30 May 2001, Lim Seng Chor wrote: ... > i am the system admin of my site here, ... > user is compromising my system files. ... (FreeBSD-Security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint