with the word [SPAM]. An email header (X-BitDefender-Spam: Yes/No) is added to all
emails to ease the client-side filtering.
11.6. Perform a network security audit
Besides its anti-malware, data recovery and mail filtering capabilities, LinuxDefender comes
with a set of tools that perform an in-depth host and network security audit. Forensic analysis
of compromised systems is also possible using the security tools included in LinuxDefender.
Read this small tutorial to learn how you can start a quick security audit of your hosts or
networks.
11.6.1. Check for rootkits
Before you start looking for security issues on networked computers, first make sure that the
LinuxDefender host is not compromised. You can perform a virus scan of the installed hard
drives, as shown in the Scan for viruses tutorial, or you can scan for Unix rootkits.
First, mount all your hard-disk partitions, either by double-clicking their desktop icons or by
using the mount command in the console. Then double-click the ChkRootKit icon to check the CD
content or launch the chkrootkit command in the console, using the -r NEWROOT parameter to
specify the new / (root) directory of the host, that is, the directory where the host's root
partition is mounted (assumed here to be /mnt/hda3), not the device node itself.
# chkrootkit -r /mnt/hda3
If a rootkit is found, chkrootkit will show the finding in BOLD, using capital letters.
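The check described above as a small wrapper script, added here as an example and not part of the original manual: it rejects a device node passed as NEWROOT, runs chkrootkit against the mount point and prints only the lines flagged INFECTED. The function names, the /mnt/hda3 mount point and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: guarded wrapper around `chkrootkit -r NEWROOT`.

# Succeed only if $1 is a directory that looks like a root filesystem.
# A device node such as /dev/hda3 fails: -r needs the mount point.
is_mounted_root() {
    [ -d "$1" ] && [ -d "$1/etc" ] && [ -d "$1/bin" ]
}

# Read chkrootkit output on stdin, print only lines reporting a finding.
# chkrootkit marks positive results with the upper-case word INFECTED.
filter_findings() {
    grep 'INFECTED' || true
}

# Scan NEWROOT; return 1 if anything was flagged, 2 or 3 on usage errors.
audit_root() {
    newroot=$1
    if ! is_mounted_root "$newroot"; then
        echo "error: $newroot is not a mounted root directory" >&2
        return 2
    fi
    if ! command -v chkrootkit >/dev/null 2>&1; then
        echo "error: chkrootkit not found in PATH" >&2
        return 3
    fi
    findings=$(chkrootkit -r "$newroot" 2>/dev/null | filter_findings)
    if [ -n "$findings" ]; then
        printf 'Possible rootkit traces under %s:\n%s\n' "$newroot" "$findings"
        return 1
    fi
    echo "No findings reported for $newroot"
}

# Constructed sample of chkrootkit output, used to exercise the filter offline.
sample_output() {
    cat <<'EOF'
ROOTDIR is `/mnt/hda3/'
Checking `amd'... not found
Checking `ls'... INFECTED
Checking `sshd'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
EOF
}

# Run only when a mount point (assumed, e.g. /mnt/hda3) is passed as argument.
[ "$#" -eq 0 ] || audit_root "$1"
```

A non-zero exit status from audit_root lets the script be chained before the network scan, so the audit stops if the scanning host itself looks compromised.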
11.6.2. Nessus - the Network Scanner
What is Nessus. “Nessus is the world's most popular open-source vulnerability scanner used
in over 75,000 organizations world-wide. Many of the world's largest organizations are obtaining
significant cost savings by using Nessus to audit business-critical enterprise devices and
applications.”
Nessus can be used to remotely scan your network computers for various vulnerabilities.
It also recommends some measures to take to mitigate security risks and to prevent security
incidents.
Double-click the Nessus Security Scanner desktop icon or run startnessus from a terminal.
Wait until the following window is shown. Depending on your hardware resources, it may
take up to 10 minutes for Nessus to load, along with its more than 5000 plugins containing
vulnerability databases. Use the knoppix user and the knoppix password to log in.
BitDefender
Rescue CD
LinuxDefender howto