[plug] Finding a possible trojan/exploit?
steve at iinet.net.au
Sat Jan 20 11:35:29 WST 2007
Craig Foster wrote:
>>Chkrootkit and rkhunter say everything is clean. I'm planning on
>>attaching a sniffer with nessus and wireshark (aka ethereal) next week
>>to hopefully give some more clues but I need to find/build a box to do
>What does clamdscan say?
>Clam finds quite a few linux Trojans and exploits, and a weekly scan of
>servers is always recommended...
Clam didn't find anything, however I'm running Ubuntu which only has
clamav 0.88.4 instead of the latest 0.88.7 - I don't know how big a
difference this would make. It does have the latest pattern database.
I'll try to build the latest ClamAV from source and see if that helps
More information about the plug