Full Disclosure mailing list archives
detecting rogue processes
From: "lsi" <stuart () cyberdelix net>
Date: Mon, 22 Jan 2007 13:42:39 -0000
While I'm here - it seems a similar approach could be taken with process listings. Any processes not on a list of known-good processes are flagged as intruders. Does tripwire do this stuff? Stu --- Stuart Udall stuart at () cyberdelix dot net - http://www.cyberdelix.net/ --- * Origin: lsi: revolution through evolution (192:168/0.2) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- detecting rogue processes lsi (Jan 22)