Security Basics mailing list archives
SecurityFocus Article Announcement
From: Stephen Entwisle <se () securityfocus com>
Date: Fri, 21 Mar 2003 09:25:41 -0700 (MST)
IDS Logs in Forensics Investigations: An Analysis of a Compromised Honeypot
by Alan Neville

This paper will deconstruct the steps taken to conduct a full analysis of a compromised machine. In particular, we will be examining the tool that was used to exploit a dtspcd buffer overflow vulnerability, which allows remote root access to the system. The objective of this paper is to show the value of IDS logs in conducting forensics investigations.

http://www.securityfocus.com/infocus/1676

Stephen Entwisle
Moderator, Security-Basics
SecurityFocus
http://www.securityfocus.com
(403) 213 3939 ext. 235