David Krider wrote:
On Sun, 2004-10-03 at 09:53, Sid Boyce wrote:
Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
Seems to me that a better alternative to needing a "scanner" that needs constant updating to keep up with changing "fingerprints," like a virus scanner, would be to install tripwire. It keeps an encrypted database of checksums of all the important files on your system. You need a separate password to change the database. (For example, to update after installing a new package.) Even root needs that password, so a rootkit can't get on your system and mess with the database without you knowing it.
dk
The reason I go with libsafe is that it's preloaded to every binary and is more proactive in stopping the attacks at the point when they try to do damage, it needs no configuration like tripwire to be effective, still too much protection is better than too little. I also use virus scanners, clamav and BitDefender. Regards Sid. -- Sid Boyce .... Hamradio G3VBV and keen Flyer =====LINUX ONLY USED HERE=====