LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
Reload this Page ***Rootkit Exploit Caught in 10.2*** WARNING
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-16-2007, 05:53 AM   #1
beachboy2
Senior Member
 
Registered: Jan 2007
Location: Wild West Wales, UK
Distribution: Linux Mint 21 MATE, EndeavourOS, antiX, MX Linux
Posts: 3,972
Blog Entries: 32

Rep: Reputation: 1465Reputation: 1465Reputation: 1465Reputation: 1465Reputation: 1465Reputation: 1465Reputation: 1465Reputation: 1465Reputation: 1465Reputation: 1465
***Rootkit Exploit Caught in 10.2*** WARNING

I am aware of the "sticky" in Security about ssh. I just thought that more people would see the post if it were placed here.

I have just noticed this post on another forum.

http://www.suseforums.net/index.php?showtopic=31358

There is probably no need to panic but just make sure that the usual good housekeeping is performed with strong passwords, active firewalls etc.
In addition do ensure that a rootkit hunter such as rkhunter is installed. It comes with the 10.2 OS but it is not enabled.
For those using another OS or who require further information please visit:

www.rootkit.nl
 
Old 02-16-2007, 06:25 AM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
I would add the following as things to do on the ssh server:

- Make sure only Protocol 2 is allowed
- Disable root login
- Strongly consider using public key authentication and disabling username/password authentication.
- Use a file monitoring program like Aide, Samhain or Tripwire
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rootkit hunter warning found differences in output kernel modules opto Linux - Security 6 02-06-2007 07:30 PM
Which signals can and should be caught? introuble Programming 2 08-21-2006 06:52 AM
LXer: SECURITY: Easy Rootkit Crontab Exploit Found LXer Syndicated Linux News 0 07-19-2006 04:33 PM
Caught in the LOOP Nimoy Linux - General 11 02-01-2004 03:57 AM
Signal 11 Caught ixion Linux - General 0 02-11-2003 06:49 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:12 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration