Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor | Qualys Security Blog
In this blog, the Qualys Research Team explains the mechanics of a Linux malware variant named BPFdoor. We then demonstrate the efficacy of Qualys Custom Assessment and Remediation to detect it…
blog.qualys.com
Filenames
/dev/shm/kdmtmpflush
/dev/shm/kdumpflush
/dev/shm/kdumpdb
/var/run/xinetd.lock
/var/run/kdevrund.pid
/var/run/haldrund.pid
/var/run/syslogd.rebootProcess names
/sbin/udevd -d
/sbin/mingetty /dev/tty7
/usr/sbin/console-kit-daemon –no-daemon
hald-addon-acpi: listening on acpi kernel interface /proc/acpi/event
dbus-daemon –system
hald-runner
pickup -l -t fifo -u
avahi-daemon: chroot helper
/sbin/auditd -n
/usr/lib/systemd/systemd-journald
/usr/libexec/postfix/master
qmgr -l -t fifo -u'경로 및 정보' 카테고리의 다른 글
| wordpress /wp-json/?rest_route=/wp/v2/users/ (0) | 2024.07.15 |
|---|---|
| BIND의 DNS질의(query) 로그 (0) | 2024.06.24 |
| WordPress-xmlrpc-취약점 (0) | 2024.05.18 |
| Car Keen Lab (0) | 2024.05.17 |
| BDF door 경로 (0) | 2024.05.14 |
wtdsoul