[svlug] botnets
John Conover
conover at rahul.net
Mon Jan 8 11:14:54 PST 2007
BTW:
http://www.derks.it/tools.html
is kind'a neat - it's clever. Very simple way of detecting malware and
rootkits - runs out of cron several times an hour, so is stingy with
resources.
Not perfect, but powerful considering its simplicity.
John
BTW, not to mention that arpwatch(8) running 24/7 is
handy - particularly for wireless LANs. A lot of this stuff has been
thought out over the decades of Unix/Linux experience, and is readily
available; it's just that most folks on the Internet don't know about
it, or how to use it. Probably more of an educational issue, as
mentioned earlier.
--
John Conover, conover at rahul.net, http://www.johncon.com/