[clug] DDos attacks using Linux hosts. (the-sky-is-falling now a "thing", according to the Aztec calendar)
Bryan Kilgallin
bryan at netspeed.com.au
Thu Sep 8 14:29:36 UTC 2016
Thanks, Scott:
> Given the context, I'm unsure as to what you expected.
Some report as to whether or not a rootkit was present.
> Given that you
> have posed no question - I'm unsure as to the point of your post.
It was a statement.
> Was
> there a point?
Please interpret the report.
> A list of variations from rkhunter's default expectations is of
> immeasurable concern.
That was why I posted it.
> Is this a debian based system?
Yes: Ubuntu 12.04 LTS.
> if so did you create a debsum database
> on creation? Have you run one since?
I have no idea what you're on about!
> Did you create a read-only SHA256+ hashed db on your system before
> exposing it to the intertubes?
I installed tripwire by default. Then because I didn't understand it, I
deleted that.
> On a removable device?
Nope.
> If the answer to
> those questions is no, I'm uncertain of what you could expect without a
> baseline...
I'm not understanding, which is why I posted.
> I ask partially because others may jump to the conclusion that belatedly
> installing and then running rkhunter may prove of use as a substitute
> for prior planning and proper deployment.
You mentioned tools that I hadn't heard of. So I tried them!
> Perhaps I'm putting too much into the assumption you simply installed it
> onto a box that has been running unmonitored for some time, ran it once
> without reading the man file and are now concerned by results you don't
> understand.
I had a brief squiz at the info.
> But I'm guessing.
I am not a subject expert of whatever you were writing about.
> Given more time and sleep I hope I would phrase the previous
> differently, but as that's not the case I hope instead that it may
> provide some help with the question you failed to ask.
Do I need to delete some unknown suspect file?
--
www.netspeed.com.au/bryan/
==========================
More information about the linux
mailing list