Security Incidents mailing list archives
SecurityFocus Article Announcement: Incident Response Tools For Unix, Part One: System Tools
From: Dan Hanson <dhanson () securityfocus com>
Date: Thu, 27 Mar 2003 16:24:24 -0700 (MST)
Hey incidents subscribers, many times posters to this list have questions about odd behaviour on a host and the answer is usually to run some investigative tools. The following series will hopefully help people investigating potential breaches on Unix or Linux systems. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Incident Response Tools For Unix, Part One: System Tools By Holt Sorensen This article is the first in a three-part series on tools that are useful during incident response and investigation after a compromise has occurred on a OpenBSD, Linux, or Solaris system. This installment will focus on system tools, the second part will discuss file-system tools, and the concluding article will look at network tools. http://www.securityfocus.com/infocus/1679 ---------------------------------------------------------------------------- Powerful Anti-Spam Management and More... SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfihl1
Current thread:
- SecurityFocus Article Announcement: Incident Response Tools For Unix, Part One: System Tools Dan Hanson (Mar 27)