[clue-tech] rootkit detection
David L. Anselmi
anselmi at anselmi.us
Tue Nov 1 13:40:41 MST 2005
Jim Ockers wrote:
> Another invaluable command is lsof -n which lists all open filehandles
> including network sockets and even listeners.
[...]
> Not sure if that's available for unixes other than Linux.
I've seen it on Solaris but it seems not to be native so there may be
limitations. Google suggests that in Solaris 10 pfiles will provide
similar info.
Dave
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list