| 1 |
On Mon, Aug 9, 2010 at 1:59 PM, 7v5w7go9ub0o <7v5w7go9ub0o@×××××.com> wrote: |
| 2 |
> On 08/09/10 12:25, Paul Hartman wrote: |
| 3 |
> [] |
| 4 |
>> If anyone has advice on what I should look at forensically to |
| 5 |
>> determine the cause of this, it is appreciated. I'll first dig into |
| 6 |
>> the logs, bash history etc. and really hope that this very happened |
| 7 |
>> recently. |
| 8 |
>> |
| 9 |
>> Thanks for any tips and wish me good luck. :) |
| 10 |
> |
| 11 |
> AntiVir (Avira) anti-malware scanner has hundreds of Linux rootkit/virus |
| 12 |
> signatures; you might scan your box with that. It has an on-access, |
| 13 |
> realtime monitor option as well, which I use it to monitor anything |
| 14 |
> downloaded and or compiled on my box (in case the distribution screen |
| 15 |
> gets hacked). |
| 16 |
> |
| 17 |
> <http://www.free-av.com/en/download/download_servers.php> |
| 18 |
> |
| 19 |
> Presuming you're rooted, you might first try their stand-alone, linux |
| 20 |
> live-disk scanner so as to avoid borked kernel and/or core utilities: |
| 21 |
> |
| 22 |
> <http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html> |
| 23 |
|
| 24 |
Was not aware of that one, I'll give it a try. Thanks. |
Archives