View Single Post
  #8   (View Single Post)  
Old 14th December 2012
denta denta is offline
Shell Scout
 
Join Date: Nov 2009
Location: Sweden
Posts: 95
Default

Quote:
Originally Posted by J65nko View Post
Instead of clamscan or a rootkit detector you could use aide to check the integrity of your server. This would rather be easy to use because you have physical access to the server.
Like Jggimi mentioned, one could also use mtree to verify file integrity, thus not needing any additional software (which I like). A short quote from the man page:
Quote:
To detect system binaries that have been ``trojan horsed'', it is recommended that mtree -cK sha1digest be run on the file systems, and a copy of the results stored on a different machine, or, at least, in encrypted form.
Reply With Quote