Frank Shute frank at
Sun May 30 15:25:49 BST 2004

On Sun, May 30, 2004 at 02:53:13PM +0100, Grant wrote:
> Also what is this "rootkit attacks" could someone expand of that for 
> me... oh and what i might need to protect myself from them...

It's where an attacker exploits one of the services you are running
and compromises your machine ie. gains root.

The usual thing is that they replace various system binaries like ps
(which can expose them otherwise) and install a sniffer of some sort.
These various bits of software they install and use to break in are
collectively known as a "root kit".

To protect yourself, keep an eye out for any security announcements
and keep your application and system software up-to-date and/or

Also keep an eye on your system logs for anything funny looking.

I also run security/chkrootkit out of cron weekly.



     PGP key:
^^^^^                                                          ^^^^^

More information about the Ukfreebsd mailing list