Recently one of my servers was hacked and my first reaction was to freak out and panic. After I calmed myself down, I immediately closed the front door through which the attackers had gotten to the server by shutting down the Apache server.
After that, I had no idea where to start looking for backdoors that may be installed on the system. So I downloaded highly recommended rootkits for exactly these types of situations. The following rootkits helped me identify the issues on my system and figure out what to do.
1. Rootkit Hunter – scans files and systems for known and unknown rootkits, backdoors, sniffers, and malware. The application consists of the main shell script, a few text-based databases, and optional Perl scripts. It can recognise and run external applications like ‘skdet’ and ‘unhide’. It should run on almost every Unix clone.