nanog mailing list archives
Re: RE: Security Guideance
From: Paul Bosworth <pbosworth () gmail com>
Date: Tue, 23 Feb 2010 15:31:56 -0500
Place an ids in front of the server and write a rule for the traffic signature. Paul B. Sent with Android On Feb 23, 2010 3:25 PM, "Matt Sprague" <msprague () readytechs com> wrote: The user could also be running the command inline somehow or deleting the file when they log off. Check who was logged onto the server at the time of the attack to narrow down your search. I like the split the users idea, though it could be several iterations to narrow down the culprit. -----Original Message----- From: Ronald Cotoni [mailto:setient () gmail com] Sent: Tuesday, February ...
Current thread:
- Security Guideance Paul Stewart (Feb 23)
- Re: Security Guideance Ronald Cotoni (Feb 23)
- RE: Security Guideance Matt Sprague (Feb 23)
- Message not available
- Re: RE: Security Guideance Paul Bosworth (Feb 23)
- Re: Security Guideance Michael Holstein (Feb 23)
- Re: Security Guideance Chris Adams (Feb 23)
- RE: Security Guideance Adam Stasiniewicz (Feb 23)
- Re: Security Guideance Aaron L. Meehan (Feb 24)
- RE: Security Guideance Matt Sprague (Feb 23)
- Re: Security Guideance Ronald Cotoni (Feb 23)
- Re: Security Guideance Dan White (Feb 23)
- Re: Security Guideance acv (Feb 23)
- Re: Security Guideance Nathan Ward (Feb 23)
- RE: Security Guideance Joe (Feb 23)
- Re: Security Guideance Curtis Maurand (Feb 24)