[arch-general] My Apache Sever Compromised?
Simon Brand
simon.brand at postadigitale.de
Mon Mar 31 06:36:04 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
You can also use
pacman -Qkk
For example, boot from iso, mount your root device as /mnt
pacman -Qkk -r /mnt
Not every warning means a compromission.
To find files not owned by a package, use:
find /mnt/ -exec pacman -Qqo {} -r /mnt \;
Maybe you need better filtering here, like using /mnt/usr, /mnt/etc,
... instead /mnt, because lots of files should not be owned by a package.
I haven't tried this, it is only a comment.
Am 31.03.2014 07:05, schrieb Theo Jones:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iF4EAREIAAYFAlM5RRMACgkQkr64biT2RYTdfAD/YyvqzKaDg8aCHCSS/cdJo4rU
5Lg0yOLwzK02w//mgdoA/ieOaAXwDBWn0SyLkqmo4JE2TxbJv6OS6u3YWhle/xKn
=eG2B
-----END PGP SIGNATURE-----
More information about the arch-general
mailing list