My linux CentOS server has been compromised lately (rootkit). Some files attributes have been changed, for example the command :
lsattr /bin/ls
gives
s---ia------- /bin/ls
How cand I use find
command to list all files on system that have attributes set to s---ia-------
instead of -------------
?