
How to Tell If Your Linux Server Has Been Compromised - carlchenet
https://bash-prompt.net/guides/server-hacked/
======
pecg
Well, the article's author assumes every GNU/Linux sysadmin is running bash as
the default interactive shell for root, and systemd as the
init/login/logger/network/<and satan knows what else> daemon, which is not
true. Many distributions using the linux kernel avoid systemd and bash as part
of the defaults, for lots of different reasons, so from a technical point of
view I think the article is useless.

