1 views collected around this technical thread.
This article details a real‑world Linux server intrusion, describing the observed symptoms, the forensic investigation using commands like ps, top, last, and grep, the removal of malicious cron jobs and backdoors, and the lessons learned for securing SSH, file attributes, and cloud security groups.
This article documents a real‑world Linux server compromise, detailing the observed symptoms, forensic commands, malicious scripts, file‑locking tricks, and a step‑by‑step remediation process including SSH hardening, cron cleanup, chattr usage, and preventive security recommendations.
This article reviews the most effective Linux antivirus solutions, explains why antivirus protection is still needed on Linux servers despite the platform's inherent security, and provides detailed descriptions of each tool along with installation guidance and usage tips.
This article details a real‑world Linux server compromise, describing the symptoms, possible causes, investigative commands, hidden malicious scripts, file attribute locks, and practical remediation steps to restore the system and improve future security.
This guide outlines comprehensive Linux security hardening steps—including account protection, service minimization, password policies, sudo usage, file system safeguards, rootkit detection tools, and post‑attack response—to help operations teams secure their servers against common threats.
This article walks through a real‑world Linux mining malware infection, detailing how the attacker hid a malicious cron job, used LD_PRELOAD rootkits, propagated via SSH keys, and how the analyst uncovered and removed the threat using busybox, strace, and careful forensic commands.
This article walks through a real‑world Linux server compromise, detailing the symptoms, forensic commands, rootkit discovery, attack vector via an Awstats vulnerability, and provides a comprehensive recovery checklist for securing the system.
This guide presents a comprehensive Linux security hardening checklist covering account and login safety, unnecessary service removal, password and key authentication policies, sudo usage, filesystem protection, remote access safeguards, rootkit detection tools, and step‑by‑step incident response for compromised servers.