Sniffing out dangerous permissions
If your server's been round the block a few times, it may need a permissions spring clean.
Suspect hidden files and directories
Hidden files are generally fine, but can also be malicious backdoors. To list shy files in a terminal, along with the rest, use this syntax:
ls –la /path/to/somewhereIn your home directory, for instance, that should show up some files prefixed with a dot:
drwx------ [blah blah whatnot] .aptitude
-rw------- [blah more whatnot] .bash_historyGood. Now you can join the dots. Let's run some scans, printing results to the screen. The first is for a hidden directory. Repeat the scan replacing the d with an f for file:
sudo find / -name '.*' -type d –printNote
Shared types will save a ton of time using a CLI for this job, but the alternative is to trawl file explorer. Drop sudo because you don't have privileges to elevate.
Variations on the regular .* theme could be ..* or .. * (with the space). Mix it up and, again for all examples, run scans...
