
Re: [cobalt-users] pkg.nl.cobalt - Open SSH



On Mon, 7 Jan 2002, Jeff Lasman wrote:
> 
> We had a machine rooted on Saturday.  While I watched in fact, but there
> 
> EVERY command-line utility was replaced.  So you couldn't see anything
> wrong if you used them.

rkdet is kind of an interesting quick and dirty utility. It watches for
just that case (common command files being replaced) and sends out an
email. While it's not exactly on the scale of Tripwire, it is nice for a
mini-monitor type program....

http://vancouver-webpages.com/rkdet/

(freshmeat supposedly has an archive, but seems dead at the moment ;)

PS: you might want to md5 the kit and post that to the sec lists so people
can track it... some folks do like to watch how these things spread...

gsh
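
The kind of check described in this message (noticing when common command files have been replaced), as an added example that is not part of the original post and is not rkdet's own code: it records hashes for a list of files and later reports any that differ or have vanished. The function names, the use of `sha256sum` rather than md5, and the demo files are assumptions.

```shell
#!/bin/sh
# Added example, not rkdet's code: hash-baseline check for replaced commands.
# Function names, sha256sum and the demo files are assumptions.

# On a suspect host point HASHER at a known-good copy on read-only media;
# the local binary may be one of the replaced utilities.
HASHER="${HASHER:-sha256sum}"

# make_baseline BASELINE FILE...  -> writes "hash  path" lines to BASELINE.
# Store BASELINE somewhere the monitored host cannot rewrite.
make_baseline() {
    baseline_out="$1"; shift
    "$HASHER" "$@" > "$baseline_out"
}

# check_baseline BASELINE -> prints CHANGED/MISSING lines, returns 1 if any.
check_baseline() {
    changed=0
    while read -r want path; do
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; changed=1; continue
        fi
        got=$("$HASHER" "$path" | cut -d' ' -f1)
        if [ "$got" != "$want" ]; then
            echo "CHANGED $path"; changed=1
        fi
    done < "$1"
    return "$changed"
}

# demo: constructed stand-ins for ls and ps in a temp dir; one gets replaced.
demo() {
    demo_dir=$(mktemp -d) || return 1
    printf 'original ls\n' > "$demo_dir/ls"
    printf 'original ps\n' > "$demo_dir/ps"
    make_baseline "$demo_dir/baseline" "$demo_dir/ls" "$demo_dir/ps"
    printf 'replaced ps\n' > "$demo_dir/ps"
    demo_rc=0
    check_baseline "$demo_dir/baseline" || demo_rc=$?
    rm -rf "$demo_dir"
    return "$demo_rc"
}

if [ "${1:-}" = demo ]; then demo; fi
```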