Thanks, Chad. Very useful post.
Smitty
Chad Perrin wrote:
> On Thu, Jan 24, 2008 at 04:13:19PM -0500, tom smith wrote:
>> Good article with a test to see if your box is infected.
>> Smitty
>> http://www.linux.com/feature/125548
>
> Summary:
>
> 1. Protect your root password.
>
> A. Make sure you don't use it across unencrypted connections.
>
> B. Make sure you don't allow direct root login over the network so
> nobody can perform online brute force and dictionary attack password
> cracking attempts.
>
> C. Make sure your root password is strong -- preferably at least 12
> characters including capital and lower-case letters, numbers, special
> characters, and spaces.
>
> D. Make sure your passwords use Blowfish instead of MD5 or DES. See my
> article at http://blogs.techrepublic.com.com/security/?p=377 for more
> details.
>
> 2. Check your system to see if it's infected by creating a directory
> called something like "123". If it doesn't work, you may be infected.
>
> 3. If infected, do what you should always do when your system is
> infected: nuke and pave. I hope you have good backups.
>
> Hm. I think I've got a quick throw-away article I can publish at
> TechRepublic here.
>
> . . .
>
> Okay. I decided to write it before sending this to the list. Have a
> look:
>
> http://blogs.techrepublic.com.com/security/?p=396
>
> There isn't much more information there than in this email, bit I think I
> managed to shoehorn a little more wit into it at least. More links to
> other articles, too.
>
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:06:10 EDT