Security/Hacked System - Now what?!!
bruce
badouglas at gmail.com
Sun Dec 22 00:36:26 UTC 2013
For the sake of discussion, assume a fresh base desktop install of the OS
(Fed/RHEL/CentOS).

After doing the install from the iso(s), you install:
- rkhunter
- chkconfig

You then go through the services, and disable any services you don't need/want.
You then mod SSH as required to disable root login.

OK, what else should you do?

Regarding rkhunter, is it simply a process to allow you to detect if
anything "file" has been changed, so you can then go back to the
previous backup?

Are there any Linux apps/services (a la what's on Windows) to
"detect/prevent" rootkits/being hacked?

I've looked over a bunch of webdocs/articles, and thought it might be
useful to have a thread on this here, as I'm currently going through
this process.

Thoughts/Comments Welcome

Thanks