Re: Ubuntu, Crypto Malware
By: Android8675 to Digital Man on Wed Nov 30 2022 08:27 am
> Re: Ubuntu, Crypto Malware
> By: Digital Man to Android8675 on Tue Nov 15 2022 11:51 am
>
> > Re: Ubuntu, Crypto Malware
> > By: Android8675 to All on Tue Nov 15 2022 07:51 am
>
> > > Hey all, anyone have any experience with crypto infected Linux systems?
>
> > > So, before I do that I thought I might see if there's anyone who's had
> > > experience with this sort of thing who might be willing to take a peek?
>
> > I was running a version of GitLab (a year ago?) that had an exploit
> > published and I was vulnerable for about 24 hours before upgrading to a
> > fixe
>
> Is there a simple way to clean out the /tmp folder in Linux, for us phlebs?
https://askubuntu.com/questions/20783/how-is-the-tmp-directory-cleaned-up
> /var/log folder getting kindda rhobust too)
Most apps that log there should have configurable log rotation policies.
> So I could not for the life of me figure out where the exploit was on my
> system until I watched the process carefully. I could kill the process
> easily enough (sudo top), but it would fire up again within 10-15 minutes.
'sudo ps aux' will display the full path to all running processes. That's how yo
u'd know *where* it is on your system, then you start grepping for what restarts
that process upon boot (if it is).
--
digital man (rob)
Synchronet/BBS Terminology Definition #34:
FTN = FidoNet Technology Network
Norco, CA WX: 59.2°F, 68.0% humidity, 0 mph ENE wind, 0.00 inches rain/24hrs
---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
|
