How can I find, Which part of my system are infected or injected?

J

Jason Long

Guest
Hello.
How can I find which part of my system changed by an attacker? For example, An attacker hack my system and inject a code into Kernel or insert a backdoor, How can I understand it?

Tnx.
 


Thank you.
I know the ClamAV and others but I means is detect it manually. Some tools like DeepFreeze exit for Linux and they Freeze System but Can I protect Kernel and sensitive part of my systems via "fail2ban" , "SElinux" or Others?
 
I'd use my versioned backups to compare changes over time. Backups have thousands of uses and helping solve security issues is in the top 5.
 

Staff online

Members online


Latest posts

Top