How can I find, Which part of my system are infected or injected?

J

Jason Long

Guest
Hello.
How can I find which part of my system changed by an attacker? For example, An attacker hack my system and inject a code into Kernel or insert a backdoor, How can I understand it?

Tnx.
 


Thank you.
I know the ClamAV and others but I means is detect it manually. Some tools like DeepFreeze exit for Linux and they Freeze System but Can I protect Kernel and sensitive part of my systems via "fail2ban" , "SElinux" or Others?
 
I'd use my versioned backups to compare changes over time. Backups have thousands of uses and helping solve security issues is in the top 5.
 

Staff online

Members online


Top