How to check is a linux server is compromised or rooted?

CodeRabbit: AI Code Reviews for Developers

Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

coderabbit.ai

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

bpftrace

1 24 7,647 0.0 C++

Discontinued High-level tracing language for Linux eBPF [Moved to: https://github.com/bpftrace/bpftrace] (by iovisor)

bpftrace and/or bpfcc-tools can also be useful (dpkg -L bpftrace to see available tools). You can monitor files being opened/written at kernel level (opensnoop*, filelife*, filetop*), connections being established (tcp*bpfcc), etc.
CodeRabbit

coderabbit.ai featured

CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
bcc

2 79 20,904 9.0 C

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

bpftrace and/or bpfcc-tools can also be useful (dpkg -L bpftrace to see available tools). You can monitor files being opened/written at kernel level (opensnoop*, filelife*, filetop*), connections being established (tcp*bpfcc), etc.
rules

3 7 4,272 0.0 YARA

Repository of yara rules

On the other hand, you could also use a Yara scanner (apt install yara) to scan for IOCs. Here's a good list of rules https://github.com/Yara-Rules/rules

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Ask HN: How to measure the latency numbers every programmer should know?

1 project | news.ycombinator.com | 24 Aug 2023
Tag Systems

2 projects | news.ycombinator.com | 18 Apr 2023
eBGP tracing for newbie

1 project | /r/eBPF | 23 Jan 2023
[beetrace]Trace your python process line by line with low overhead!

2 projects | /r/Python | 13 Jan 2023
Beginner questions

1 project | /r/eBPF | 14 Sep 2022

How to check is a linux server is compromised or rooted?

This page summarizes the projects mentioned and recommended in the original post on /r/debian
hardware-buttons scrape-images linkedin-bot
Post date: 16 Sep 2022

bpftrace

CodeRabbit

bcc

rules

Related posts

Ask HN: How to measure the latency numbers every programmer should know?

Tag Systems

eBGP tracing for newbie

[beetrace]Trace your python process line by line with low overhead!

Beginner questions

Did you know that C is
the 6th most popular programming language
based on number of references?

How to check is a linux server is compromised or rooted?

This page summarizes the projects mentioned and recommended in the original post on /r/debian hardware-buttons scrape-images linkedin-bot Post date: 16 Sep 2022

bpftrace

CodeRabbit

bcc

rules

Related posts

Ask HN: How to measure the latency numbers every programmer should know?

Tag Systems

eBGP tracing for newbie

[beetrace]Trace your python process line by line with low overhead!

Beginner questions

Did you know that C is the 6th most popular programming language based on number of references?

This page summarizes the projects mentioned and recommended in the original post on /r/debian
hardware-buttons scrape-images linkedin-bot
Post date: 16 Sep 2022

Did you know that C is
the 6th most popular programming language
based on number of references?