Introduction to the anti-tampering of the Linux Sys Monitor system operation and maintenance monitors

Hackers may attack your server for a number of purposes. Common, such as the government's official website homepage was tampered with.

It is not uncommon for WikiLeaks founder Julian Assange to invade the websites of government agencies such as the U.S. Department of Defense for two years before being discovered.

Hackers generally will modify your system files after the intrusion, leaving behind the back door for yourself. The next time you do not need to enter the password can log in.

such as login program:/bin/login file.

or modify the/bin/ps file, hide their own Trojan process.

To find out if these system files were tampered with, or if your site files were tampered with.

You'll need tools to find them.

With this tamper-proof feature, you can quickly discover and restore them.

Then through the process monitoring function above, you can effectively locate the trojan and clear them.

And you can use the Trojan Horse process ID, in the port monitoring to lock to which computer is using them.

Data Source Configuration

If this is the first time you use this feature, click the "Set Data Source" button.

The data source is the backup source for the folder you want to tamper with.

There are two types of data sources: FTP, CD-ROM, or local directory, and only one of them can be selected.

For example:

Select the FTP type,

The connection address is the IP of the FTP server (please ensure that the Linux computer can access this address)

After completing the login user, login password, point "test" can test the Linux machine can access this address, and verify the username, password.

Specify a directory: for example, I put each folder to be backed up in the FTP/tamperbackup/directory, "/" means the login user name when the successful logon path.

When you select a disc or local directory, the interface is as follows:

This article URL address: http://www.bianceng.cn/OS/Linux/201410/45347.htm