¨dont let attacker get root in the first place
Use difficult to guess passwords
Apply patches
Close unused ports
¨File integrity checkers
Create a read-only database of cryptographic hashes for critical system files, store these off line, and
regularly compare hashes of the active
programs to the stored hashes looking
for changes
¨