cable modem activity

Charly Baker cmb-h7HJ8Pof2EbbR28j2ZUwYgC/G2K4zDHf at public.gmane.org
Wed Apr 21 19:34:24 UTC 2004


Further to my other reply:

When I said better still install treeps, I should have said it is probably a 
waste of time using ps, you really have to have another utility such as 
treeps.  The reason is that rootkits will often include a replacement ps and 
a replacement pstree that won't show you the processes that the rootkit runs.  
Treeps will.  If you really think that you may be compromised, then standard 
tools like ps won't help, unless you get the binary from a known to be secure 
and uncompromised machine.

BTW, this isn't theory, it is my own personal experience.

Charly Baker

On Wednesday 21 April 2004 3:11 pm, Mel Seder wrote:
> I left the computer on and went for lunch.  The computer wasn't doing
> anything that used the modem and I had no scheduled jobs.
>
> When I came back from lunch the cable model was going at full blast.
>
> Is there a command or something I can do to see what processes are running
> instead of just shutting down the computer?
>
>
>
> =====
> The true measure of a man is how he treats someone who can do him
> absolutely no good. -Samuel Johnson, lexicographer (1709-1784)
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list