Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Technical

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 16th February 2011, 13:52
vmos vmos is offline
Member
 
Join Date: Nov 2008
Posts: 57
Thanks: 1
Thanked 0 Times in 0 Posts
Default Anti-virus // rootkit checker?

Hi there,
we've had a few debian/ubuntu servers hacked over the past year or so, ultimately each instance was traced to shoddy client code.
Most of our servers are kept well away from third party code but some have to have it.
We do what we can to secure the servers but sometimes a client says "oh we have to have this gaping php security hole otherwise my code won't work" so we put barbed wired around it and wait for those friendly indonesian chaps to hack it to pieces (seems most of our hackers are indonesian for some strange reason)

anyways, I was thinking that maybe we can be more pro-active with detecting hacks, in many cases there seems to have been several days between the inital server compromise and the clients sites turning to mush.
I was thinking maybe a cron job to run rkhunter and email the output, but this would mean a bunch of emails that need manually checked every day.

Anyone got any suggestions for a better method?
Reply With Quote
Sponsored Links
 

Bookmarks

Tags
debian, hack, rootkit, ubuntu

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
rkhunter Tripple Installation/Configuration 22 13th May 2014 23:03
rkhunter warnings esezako General 7 27th September 2011 07:28
Please review RKHUNTER Log jmh_fl General 1 27th April 2010 16:44
Debian 5.0 'hangs' GHz Installation/Configuration 5 1st October 2009 12:57
Possible hack attempt? tristanlee85 General 18 31st October 2007 15:05


All times are GMT +2. The time now is 17:30.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.