[plug] Finding a possible trojan/exploit?
Steve Baker
steve at iinet.net.au
Sat Jan 20 11:35:29 WST 2007
Craig Foster wrote:
>>Chkrootkit and rkhunter say everything is clean. I'm planning on
>>attaching a sniffer with nessus and wireshark (aka ethereal) next week
>>to hopefully give some more clues but I need to find/build a box to do
>>that first.
>>
>>
>What does clamdscan say?
>
>Clam finds quite a few linux Trojans and exploits, and a weekly scan of
>servers is always recommended...
>
>Craig F.
>
>
Clam didn't find anything, however I'm running Ubuntu which only has
clamav 0.88.4 instead of the latest 0.88.7 - I don't know how big a
difference this would make. It does have the latest pattern database.
I'll try to build the latest ClamAV from source and see if that helps
find anything.
Regards,
Steve
More information about the plug
mailing list