Monday, March 10, 2008

How do I determine that my VPS is hacked / compromised?

* Virtuozzo for Linux
A VPS can be compromised if its owner uses insecure or out-of-date software. To detect whether VPS #101 has any rootkits installed, one can use the chkrootkit utility either inside the VPS or (better) on the hardware node, using the -r /vz/root/101 parameter. There is also a way to determine which packages were modified on a VPS:
# /usr/share/vzpkgtools/vzrpm/bin/rpm --root=/vz/root/101 --veid 101 -Va | egrep '^..5|missing'
This command shows files which were modified or removed.
Follow the instructions from the corresponding article to repair a hacked VPS.
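
The verify output kept by the egrep filter above mixes routine configuration edits with changed binaries, so it helps to sort it before reading. The following is an added example, not part of the original post: the function names and the sample lines are constructed, and it assumes the standard rpm verify line layout (flag string, optional attribute marker such as "c" for a config file, then the path).

```shell
#!/bin/sh
# Added example: triage `rpm -Va` verify output. Function names are hypothetical.

# Reads verify lines on stdin and prints "<CLASS> <path>" for the lines the
# egrep filter would keep (digest mismatch in column 3, or "missing").
classify_rpm_verify() {
    awk '
    {
        i = index($0, " /")              # the path starts at the first " /"
        if (i == 0) next
        path = substr($0, i + 1)         # keeps paths that contain spaces
        n = split(substr($0, 1, i - 1), f, " ")
        flags = f[1]                     # e.g. "S.5....T." or "missing"
        attr = (n > 1) ? f[2] : ""       # optional marker, "c" = config file
        if (flags == "missing") {
            print "MISSING", path
        } else if (substr(flags, 3, 1) == "5") {
            # Edited config files are routine; a changed binary is not.
            print (attr == "c" ? "CONFIG_CHANGED" : "CONTENT_CHANGED"), path
        }
    }'
}

# Constructed sample output, not taken from a real system.
sample_verify_output() {
    cat <<'EOF'
S.5....T.  c /etc/ssh/sshd_config
S.5....T.    /bin/ls
.......T.    /usr/bin/top
missing      /usr/bin/lsof
..5....T.    /bin/ps
.M.......    /var/log/messages
EOF
}

sample_verify_output | classify_rpm_verify
```

On the hardware node, pipe the output of the rpm -Va command above into classify_rpm_verify in place of the sample; CONTENT_CHANGED and MISSING entries under system binary directories are the ones to review first.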
