This shows you the differences between two versions of the page.
start:auditformalware [2022/11/10 19:44] – peter | start:auditformalware [2022/11/10 19:59] – peter | ||
---|---|---|---|
Line 17: | Line 17: | ||
Another tool is **clamav** although it has limited use. You can install it with " | Another tool is **clamav** although it has limited use. You can install it with " | ||
+ | Another tool is **maldet** which you can install, however its not currently in the debian repos. It is best to check how to install it from the github page as its maintained by the author: https:// | ||
+ | Dont forget to check open ports which is documented here: [[Start: | ||
+ | You can also lookup how to use yara, and there are signatures here (https:// | ||
+ | And last thing to note, as always, if anything malicious is ever found, then its best to totally wipe and start again with a new system rather than fix or attempt to fix a rooted box. Hopefully some of these overviews help you out as a basic starting place :) | ||
+ | - P | ||
+ | |||
+ | |||
+ | Further reading once the basics are no longer helpful: | ||
+ | |||
+ | https:// | ||
+ | |||
+ | https:// | ||
+ | |||
+ | https:// | ||
+ | |||
+ | https:// | ||
+ | |||
+ | https:// | ||
+ | |||
+ | https:// | ||
+ | |||
+ | https:// |
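
Review bot: The closing advice and the "- P" sign-off now sit in the middle of the added text, with the "Further reading" list appended after them, so the most important guidance here ("totally wipe and start again with a new system rather than fix or attempt to fix a rooted box") is easy to miss. Consider moving the further-reading list above that paragraph, or moving the sign-off to the very end. The further-reading entries are bare links with no label; a short description per link would tell readers what each one covers before they click. The yara sentence only says to "lookup how to use yara", while the clamav line above it gives an install hint, so a matching one-line pointer would keep the tools consistent. Small wording fixes in the added lines: "its not" and "as its maintained" should be "it's", and "Dont" should be "Don't".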