Not quite the monitoring I’m talking about though.
Basically, it seems like this would be a nightmare for a home user to detect, but a company is probably gonna pick up on this quite quickly with snmp monitoring (unless it somehow does something to that).
Yes, but they replace common tools like top or lsof with manipulated versions. This might at least trick less experienced sysadmins.
Not quite the monitoring I’m talking about though.
Basically, it seems like this would be a nightmare for a home user to detect, but a company is probably gonna pick up on this quite quickly with snmp monitoring (unless it somehow does something to that).