Message-ID: <6FD9716D-349A-11D8-9262-000A95A0453E@umich.edu>
From: wes at umich.edu (Wesley D Craig)
Subject: Removing ShKit Root Kit
On 22 Dec 2003, at 10:11, nicholas wrote:
> To avoid this sort of thing in the future, and to help you find out what
> changed on your box, I'd look into www.lids.org, aide.sf.net,
> ippersonality.sf.net and bits and pieces of the openwall.com project for
> server level security (not network/firewall level).
In addition to filesystem integrity checking, our tool:
http://radmind.org/
can reverse the changes made by a root kit, providing you boot from
known good media. Of course, it is theoretically possible for a root
kit to be totally undetectable, even by a tripwire...
:wes