security issue help
Jim Cornette
fc-cornette at insight.rr.com
Wed Sep 13 10:59:20 UTC 2006
Leon wrote:
> My box running FC6 T3 has been warned by my College:
>
> ,----
> | We've been investigating an IRC botnet involving JANET hosts in
> | coordination with the IRC network involved. It appears, from logs of
> | connections to IRC channels, that xxxx.xxx.xxx.ac.uk is
> | involved.
> |
> | The other hosts involved so far have been compromised through an
> | unknown
> | vulnerability, possibly via. HTTP or SSH but we're not sure at this
> | stage.
> |
> | Please could you investigate as soon as possible and let us know what
> | you find. Any information could be very helpful to the other JANET
> | sites
> `----
>
> Here is the question: how can I check if my computer is compromised?
> Thank you.
>
There are two programs that check system integrity that are available in
Fedora Extras. chkrootkit and rkhunter are programs that are supposed to
find suspicious activity on your system.
Jim
--
Let the people think they govern and they will be governed.
-- William Penn, founder of Pennsylvania
More information about the fedora-list
mailing list