If any files or directories implanted by commonly known rootkits are detected, those
will be noted. The command checks for more than 60 known rootkits.
If any suspicious-looking files appear, they will be listed so you can check them
(although they might not represent the presence of a rootkit).
If the search turns up a rootkit, chances are that someone else has control of your machine. Often
the best course of action is to reinstall the system. You may be able to replace just the commands
that have been infected, but if you do, you first want to make sure that multiple backdoors have
not already been placed on your system.
Summary
Securing your Linux system is something you need to do from the very beginning and continue as
you use your Linux system. By implementing good security practices (such as the practices described
in the security checklist at the beginning of this chapter), you stand a better chance of keeping out
intruders over the long haul.
Running the Show Part II
Going forward, you can help keep your Linux system secure by using encrypted network applications
(such as ssh), monitoring log files, and adhering to good password techniques. If your Linux
system is being used as a server, you need to take particular care in narrowing the access to the
server and protecting data.