Firewall Wizards mailing list archives
Re: FW: OK, I've been hacked, now what?
From: Asmodeus <asmodeus () benshaw com>
Date: Fri, 14 May 1999 08:13:41 -0400 (EDT)
On Wed, 12 May 1999 kevin.sheldrake () baedsl co uk wrote:
I assume that Tripwire tracks changes to files. How does it distinguish between normal, everyday system usage and unauthorised access? Is it available for NT Server 4, NT Workstation 4, DEC Unix, Solaris?
It can't tell the difference. A changed file is a changed file. Although from my experience, very few files are changed/added/deleted once the server is set up. Plus you can also set it to monitor certain directories (oh, like /etc, /boot and so on) so any filestorage points don't have to be monitored. I'm not sure offhand if it comes in an NT flavour, but the *nix boxen should work fine. .Shawn
Current thread:
- RE: OK, I've been hacked, now what?, (continued)
- RE: OK, I've been hacked, now what? Scott, Richard (May 05)
- Re: OK, I've been hacked, now what? Joseph S D Yao (May 05)
- RE: OK, I've been hacked, now what? Scott, Richard (May 05)
- RE: OK, I've been hacked, now what? sedwards (May 07)
- RE: OK, I've been hacked, now what? Scott, Richard (May 07)
- RE: OK, I've been hacked, now what? Chris Tobkin (May 10)
- RE: OK, I've been hacked, now what? kevin . sheldrake (May 11)
- RE: OK, I've been hacked, now what? dbell (May 12)
- RE: OK, I've been hacked, now what? Peter Mayne (May 12)
- FW: OK, I've been hacked, now what? kevin . sheldrake (May 13)
- Re: FW: OK, I've been hacked, now what? Asmodeus (May 16)
- Re: FW: OK, I've been hacked, now what? Joseph S D Yao (May 16)
- Re: FW: OK, I've been hacked, now what? Crispin Cowan (May 16)
- Re: FW: OK, I've been hacked, now what? Lance Spitzner (May 16)
- Re: FW: OK, I've been hacked, now what? Cohen Liota (May 16)
- Re: FW: OK, I've been hacked, now what? dreamwvr (May 16)
- RE: OK, I've been hacked, now what? Scott, Richard (May 05)