Sid Boyce wrote:
David Krider wrote:
On Sun, 2004-10-03 at 09:53, Sid Boyce wrote:
Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
Seems to me that a better alternative to needing a "scanner" that needs constant updating to keep up with changing "fingerprints," like a virus scanner, would be to install tripwire. It keeps an encrypted database of checksums of all the important files on your system. You need a separate password to change the database. (For example, to update after installing a new package.) Even root needs that password, so a rootkit can't get on your system and mess with the database without you knowing it.
dk
The reason I go with libsafe is that it's preloaded to every binary and is more proactive in stopping the attacks at the point when they try to do damage, it needs no configuration like tripwire to be effective, still too much protection is better than too little. I also use virus scanners, clamav and BitDefender. Regards Sid.
Are the last two s/w packages you mention, namely clamav and BitDefender, specific for Linux platforms ? Where can they be found ? Are they commercial products ? I hope they are all easy to install ... As a graduate student overwhelmed with research issues, I love to install rpm files as it only require one command line .... Whenit comes to installing products that require options set-up then I ususally give up for lacjk of time on reading and documenting myself. Thank you for all your help. Regards, maura