Linux 'Chkrootkit' is a classic rootkit scanner: it checks your server for suspicious rootkit processes and for a list of known rootkit files.

Servers connected to the Internet see a constant number of attacks and scans throughout the day. While a firewall and regular system updates are a good first defense to keep the system secure, you should also regularly check that no attacker has gotten in.

root@rpi-iot-jsho-2FA-01:~# apt-get update -y
Hit:1 http://archive.raspberrypi.org/debian bullseye InRelease
Hit:2 http://raspbian.raspberrypi.org/raspbian bullseye InRelease
Reading package lists... Done
root@rpi-iot-jsho-2FA-01:~#
root@rpi-iot-jsho-2FA-01:~# apt-get install chkrootkit
root@rpi-iot-jsho-2FA-01:~# chkrootkit
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `crontab'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected

Checking `wted'... chkwtmp: nothing deleted
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... chklastlog: nothing deleted
Checking `chkutmp'... chkutmp: nothing deleted
Checking `OSX_RSPLUG'... not tested
root@rpi-iot-jsho-2FA-01:~#

root@rpi-iot-jsho-2FA-01:~# crontab -e
0 3 * * * /usr/sbin/chkrootkit 2>&1 | mail -s "chkrootkit output of my server" josef.schuster@dpsolution.de
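
The cron job above mails the full scan every night, so a real finding is easy to miss among hundreds of "not infected" lines. The following is an added example, not part of the original post: a small wrapper that mails only when the output needs review. The keyword list, the function names and the sample output are assumptions constructed for illustration.

```shell
# Added example: reduce chkrootkit output to the lines that need review.

# Print only lines that signal a finding. "INFECTED" is matched
# case-sensitively so the normal "not infected" result does not match.
chkrootkit_findings() {
    grep -E 'INFECTED|Vulnerable|Warning|[Ss]uspicious' || true
}

# Reads scan output on stdin.
# Exit 0 = clean, 1 = findings (printed), 2 = scanner printed nothing.
scan_is_clean() {
    output=$(cat)
    if [ -z "$output" ]; then
        echo "chkrootkit produced no output"
        return 2
    fi
    findings=$(printf '%s\n' "$output" | chkrootkit_findings)
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Constructed sample output (not taken from the server above).
sample_clean() {
    cat <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
EOF
}

sample_finding() {
    cat <<'EOF'
Checking `basename'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
EOF
}

# Hypothetical cron wrapper: $1 is the recipient address.
# Mails on findings and also when the scanner printed nothing at all.
run_and_alert() {
    if ! report=$(/usr/sbin/chkrootkit 2>&1 | scan_is_clean); then
        printf '%s\n' "$report" | mail -s "chkrootkit findings on $(hostname)" "$1"
    fi
}
```

An empty scan is treated as a failure on purpose: a scanner that was removed or replaced would otherwise look like a clean system.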
