/tmp directory

/tmp directory
A lot of the time malicious scripts will be installed into
the /tmp directory
You should always checks for files in here that are
executable with:
find /tmp -perm +a=x

Check Your Filesystem
rpm -V (can't always be trusted)
check your fstab and mtab for changes
/etc/ld.*
All binaries in $PATH especially commonly used
ones
Check for binaries that have been renamed or have
wrappers around them

  • 86 Users Found This Useful
Was this answer helpful?

Related Articles

A Beginner's Guide to Securing Your Server

A Beginner's Guide to Securing Your Server These are items inside of WHM/Cpanel that should be...

Recommended Security Settings

Recommended Security SettingsCopyright © 2009 cPanel, Inc.Revision HistoryRevision 1 Sept. 28,...

Security 1

Physical SecurityLocal SecurityRemote Security Your server is just like your office.Keep a...

Security 2

Main TopicsDisabling toolsSYN cookiessysctlApache modulesWhat to do if your hacked. Disable...

Securing Linux

Local security measures● Protecting against common remote attacks● What to do after an attack,...