Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [suse-security] Intrusion
From: Togan Muftuoglu (toganmusers.sourceforge.net)
Date: Mon Nov 24 2003 - 10:39:33 CST
* Antun Balaz; <antunphy.bg.ac.yu> on 24 Nov, 2003 wrote:
>I install security paches routinely every week. Can you give me more
>details how to check if my server is afftected in any way (I deleted
>content of /tmp directory and applied all measures suggested by Bjorn -
>thanks a lot), i.e. if some files are replaced etc.
If you have deleted the /tmp that it is difficult to do analysis but not
imposible. Have you tried to check your system with chkrootkit ?
Doing update every week for me is a long time YMMV. Either use YOU or
fou4suse and let them do the updating patches for you everyday. When
there is a Security anouncement from SuSE immediately apply the patch.
If I were you to sleep a little bir comfortable I would have reinstalled
the whole machine.
Unofficial SuSE FAQ Maintainer
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here