Firewall Wizards mailing list archives
FW: OK, I've been hacked, now what?
From: kevin.sheldrake () baedsl co uk
Date: Wed, 12 May 1999 18:40:42 +0100
I assume that Tripwire tracks changes to files. How does it distinguish between normal, everyday system usage and unauthorised access? Is it available for NT Server 4, NT Workstation 4, DEC Unix, Solaris? Kevin Sheldrake CCIS Prototypes and Demonstrations British Aerospace Defence Systems [+44 | 0] 1202 408035, kevin.sheldrake () baedsl co uk
-----Original Message----- From: Peter Mayne [SMTP:Peter.Mayne () digital com] Sent: 12 May 1999 04:08 Tripwire will do pretty reasonable job of telling you what's changed. This need not be expensive. PJDM ---- Peter Mayne, Compaq Computer Australia, Canberra, ACT These are my opinions, and have nothing to do with Compaq. A room without books is like a body without a soul. - Cicero-----Original Message----- From: kevin.sheldrake () baedsl co uk[SMTP:kevin.sheldrake () baedsl co uk]Sent: Tuesday, May 11, 1999 6:38 PM To: firewall-wizards () nfr net Subject: RE: OK, I've been hacked, now what? After an attack has been discovered, the victim (company)mustinvestigate the damage to the liberated system. This could involvemanuallychecking all files in all directories for alteration. Following this,thesystem should then be checked in order to detect any external copying offiles(this could involve the system logs or a network traffic monitor.) These two activities are expensive.
Current thread:
- Re: OK, I've been hacked, now what?, (continued)
- Re: OK, I've been hacked, now what? Bluefish [@ home] (May 16)
- RE: OK, I've been hacked, now what? Scott, Richard (May 05)
- Re: OK, I've been hacked, now what? Joseph S D Yao (May 05)
- RE: OK, I've been hacked, now what? Scott, Richard (May 05)
- RE: OK, I've been hacked, now what? sedwards (May 07)
- RE: OK, I've been hacked, now what? Scott, Richard (May 07)
- RE: OK, I've been hacked, now what? Chris Tobkin (May 10)
- RE: OK, I've been hacked, now what? kevin . sheldrake (May 11)
- RE: OK, I've been hacked, now what? dbell (May 12)
- RE: OK, I've been hacked, now what? Peter Mayne (May 12)
- FW: OK, I've been hacked, now what? kevin . sheldrake (May 13)
- Re: FW: OK, I've been hacked, now what? Asmodeus (May 16)
- Re: FW: OK, I've been hacked, now what? Joseph S D Yao (May 16)
- Re: FW: OK, I've been hacked, now what? Crispin Cowan (May 16)
- Re: FW: OK, I've been hacked, now what? Lance Spitzner (May 16)
- Re: FW: OK, I've been hacked, now what? Cohen Liota (May 16)
- Re: FW: OK, I've been hacked, now what? dreamwvr (May 16)