I'm primarily a
User Developer Sysadmin A mixture Something else entirely .. ( 393 votes ~ 7 comments )
You are not currently logged in. If you do not have a user account then please consider creating one and logging in before you post your comment. This will allow you to track replies to your comment, and take part in the site much more freely.
To add your comment, fill in all the boxes below and then preview it to make sure you're happy with the way that it looks.
This is the comment you were replying to, attached to the article Question: Has My Box Been compromised?:
#3 Re: Question: Has My Box Been compromised? Posted by ajt (82.133.xx.xx) on Wed 20 Jul 2005 at 19:11 I'm downloading INSERT and Knoppix-STD as I type onto a clean machine, and I'll see what they turn up. I think the root-kit email is a false positive - I've seen it before. Chkrootkit said the box was okay, and I'll run that again from a clean boot. I've had AIDE installed on the box, but when Sarge was "testing" the packages changed too often for it to practical. Now Sarge is stable, it's probably wise to put it back on again. I think my sound SSH policy: root login disabled, and user login allowed by certificate only, should see the box okay, I'm just paranoid. -- "It's Not Magic, It's Work" Adam
I'm downloading INSERT and Knoppix-STD as I type onto a clean machine, and I'll see what they turn up. I think the root-kit email is a false positive - I've seen it before. Chkrootkit said the box was okay, and I'll run that again from a clean boot.
I've had AIDE installed on the box, but when Sarge was "testing" the packages changed too often for it to practical. Now Sarge is stable, it's probably wise to put it back on again.
I think my sound SSH policy: root login disabled, and user login allowed by certificate only, should see the box okay, I'm just paranoid.
-- "It's Not Magic, It's Work" Adam
Posting Format:
Inappropriate comments will be removed.
Some help on entry formatting is available
Username:
Password:
[ Advanced Login ]
Register Account
