LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Blogs
User Name
Password

Notices

Old

Rootkit Hunter: IptabLex, IptabLes

Posted 06-14-2014 at 04:17 AM by unSpawn
Updated 06-22-2014 at 04:50 AM by unSpawn (//Added auditing examples)
Tags iptablex

Compromises leaving .IptabLes and .IptabLex binaries (with or without dot) in /, /boot, /etc and or /usr seem to be quite common:
http://ubuntuforums.org/showthread.php?t=2226673
http://www.linuxquestions.org/questi...ns-4175502655/
http://forum.synology.com/enu/viewto...p?f=19&t=85779
http://daivietpda.vn/threads/203145/
http://security.stackexchange.com/qu...s-and-iptablex...
Moderator
Posted in Uncategorized
Views 842 Comments 0 unSpawn is offline

  



All times are GMT -5. The time now is 10:10 PM.

Main Menu
Advertisement

My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration