maintain persistency in linux

General (Technical, Procedural, Software, Hardware etc.)

Last Post by PanTovarnik 7 years ago

2 Posts

2 Users

0 Reactions

598 Views

RSS

jolintan

(@jolintan)

Trusted Member

Joined: 7 years ago

Posts: 32

Topic starter 24/09/2018 9:07 am

I suspect my web / ftp Linux server has rootkit, I found my cron job with new *.sh file created, so I cleared it, but after few days, cron job directory is fine, but under bin, sbin, there are more than 10 new executable generated, I deleted them, but few days later, they come into etc/rc various folder, thus my question is besides cron tab, is there any other places that rootkit can maintain persistency? how they maintain? thanks

Quote

PanTovarnik

(@pantovarnik)

New Member

Joined: 10 years ago

Posts: 3

24/09/2018 10:00 am

Check the system for any services that you don't recognize (using systemctl or similar)

ReplyQuote

8 Forums
15.7 K Topics
92.3 K Posts
238 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed