http://www.randombugs.com Just another Bastard Operator From Hell. Everything from *nix to programming Thu, 06 May 2010 14:21:46 +0000 en hourly 1 http://wordpress.org/?v=3.0 http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html#comments Mon, 09 Mar 2009 13:32:09 +0000 admin http://www.randombugs.com/?p=244
When we auditing a Linux system we have a lot of good tools to monitor unexpected changes and unexpected behaviour of a system. Earlier we talked about rkhunter as a system check for rootkits and now, as an alternative, we will talk about chkrootkit (Determine whether the system is infected with a rootkit). If you want to know a definition of what is a rootkit please read the first article about rkhunter. chkrootkit is a freesoftware what is work with Linux, FreeBSD, OpenBSD, NetBSD, Solaris, HP-UX 11, Tru64, BSDI and Mac ...]]> http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html/feed 0 http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html#comments Sat, 07 Mar 2009 16:44:25 +0000 admin http://www.randombugs.com/?p=230
GNU/Linux and other unix operating systems are a very hostile environments for viruses, but they are still in the front of other malware / exploits. The most dangerous malware under GNU/Linux are the rootkits. What is a rootkit? Is a program (or a set of programs or scripts) designed to hide the fact a system was compromised. Also a rootkit can leave a backdoor entrance for a malicious person and can modify your system (hiding files, process, network connections, blocks of memory) to don’t detect that person when is on ...]]> http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html/feed 3 http://www.randombugs.com/hacker/password-protecting-grub-bootloader-linux.html http://www.randombugs.com/hacker/password-protecting-grub-bootloader-linux.html#comments Wed, 04 Mar 2009 21:55:51 +0000 admin http://www.randombugs.com/?p=217
Protecting your bootloader is intended for a desktop workstation and not for a production server. Why protecting your bootloader ? Because with a simple boot in single mode a malicious person can change your root password or steal your data. Protecting your bootloader with a password will protect your computer to run in single mode without your permission, but will not protect you to boot from a bootable cd if you don’t also protect your BIOS. Because some people use grub some and some people are using LILO I will explain ...]]> http://www.randombugs.com/hacker/password-protecting-grub-bootloader-linux.html/feed 1