Quote:
Originally Posted by J65nko
Instead of clamscan or a rootkit detector you could use aide to check the integrity of your server. This would rather be easy to use because you have physical access to the server.
|
Like Jggimi mentioned, one could also use mtree to verify file integrity, thus not needing any additional software (which I like). A short quote from the man page:
Quote:
To detect system binaries that have been ``trojan horsed'', it is recommended that mtree -cK sha1digest be run on the file systems, and a copy of the results stored on a different machine, or, at least, in encrypted form.
|