Re: kernel.org status: hints on how to check your machine forintrusion

[Greg KH]

On Sat, Oct 01, 2011 at 09:35:33AM +0200, Willy Tarreau wrote:
> Hi Greg,
> 
> On Fri, Sep 30, 2011 at 04:59:24PM -0700, Greg KH wrote:
> > The compromise of kernel.org and related machines has made it clear that
> > some developers, at least, have had their systems penetrated.  As we
> > seek to secure our infrastructure, it is imperative that nobody falls
> > victim to the belief that it cannot happen to them.  We all need to
> > check our systems for intrusions.  Here are some helpful hints as
> > proposed by a number of developers on how to check to see if your Linux
> > machine might be infected with something:
> 
> I would like to add here a few controls I ran on firewall and system logs,
> that are easy to perform and which report few false positives :

<snip>

Thanks for this great list, it is much appreciated.

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/