Rootkits on Linux
Saturday, October 6th, 2007eBay recently preformed an analysis of the security threats facing them and found something quite surprising. Apparently, many phishers are using Linux machines with rootkits, pieces of software that hide files and activities of a piece of malicious code, on them to serve the fake web pages used in phishing attacks. Although it is not certain, it is likely that the vulnerabilities used to put rootkits on Linux PCs come from third-party software, not the base system, which would mean that real servers may not be at much risk.
Luckily, there are a number of utilities, such as rkdet (I have not tested rkdet or others myself.), to detect rootkits on Linux.
