Hints on how to check your Linux machine for intrusion

This post is mostly so I don’t lose track of this info. I’ve seen all these listed before but, after any fresh install, I seem to forget them. It’s easy to fall into the ‘I run Linux, I’m safe.’ mindset. The successful attack on kernel.org is a perfect example of why we, as Linux users, are not immune. Anyway, thanks Greg.

I copied and pasted this directly from the source: https://lkml.org/lkml/2011/9/30/425

The compromise of kernel.org and related machines has made it clear that some developers, at least, have had their systems penetrated. As we seek to secure our infrastructure, it is imperative that nobody falls victim to the belief that it cannot happen to them. We all need to check our systems for intrusions. Here are some helpful hints as proposed by a number of developers on how to check to see if your Linux machine might be infected with something:

0. One way to be sure that your system is not compromised is to simply do a clean install; we can all benefit from a new start sometimes. Befor…