[Am-info] SECURITY CHECKS: chkrootkits and other tools for OS/2?

[Glenn T. Livezey, Ph.D.]

THIS MAY BE A REPEAT BUT SOME OF THE ADDRESSEES TOOK UMBRIDGE AT BEING
BCC'd AND PLACED IT IN POSTING PERGATORY.

Owing to the coming long weekend, increasing hack attacks and some
recent and mysterious (to me) hang-ups on my IBM ICS for OS/2 web
server, I am looking for any tools that would help me trouble shoot
vulnerabilities on an OS/2 server and OS/2 webserver.

RE: IBM ICS for OS/2 webserver, my website simply becomes inaccessible,
though when I go to the server and look at the screen, the open web
server app indicates "server is ready", and there are no entries in 
either the httpd-log (access log) or httpd-error (error log) to point
to some request or command that has put my site 'out of reach'.
Simply resetting/restarting the server doesn't fix it, I have to shut
it down and start it up again.

A recent exploit where it would actually shutdown the webserver was
fixed by a complete re-install - but who wants to do that more than
once?

I can find no directory/file dates indicating new or recent changes
that I can't otherwise explain as normal or intentional changes on my
part. 

Are there any OS/2 tools out there to help this amateur RTFM-only-
when-I-need-to-know 'sysop' protect himself and his neighbors?  

A recent mailing refered to chkrootkits, tools to locate rootkits,
worms and other invaders that have set up outposts in stealthmode
on other peoples machines. But I see no reference to indicate if
any of these will run on OS/2.

Also, a friend recently had his IRIX box commandeered by a buffer
overflow exploit - anything designed to protect/check an SGI machine
would also be of use here. 

Any and all help would be appreciated. 

Thanks

Glenn
-- 
Gle
-- 
Glenn T. Livezey, Ph.D.

University of Minnesota
Neuroscience Department
Room 6-145 Jackson Hall
321 Church St. S.E.
Minneapolis, MN 55455

(612) 624-2991 FAX 6-5009 
glivezey@lenti.med.umn.edu
livezey@bigfoot.com