What program do you use for detecting Rootkits? How do you know what to trust?
Answer
On Unix-based systems, Tripwire is a good general "what changed on this machine today?" solution. There are other, more specific rootkit detectors out there, but I've always thought that it was a matter of playing catchup with the bad guys; you'll never be sure that your rootkit detector is up-to-date enough to catch all of 'em.