WebApp Sec mailing list archives
Re: Intrusion Detection
From: skarvin <skarvin () gmail com>
Date: Mon, 10 Jul 2006 10:19:41 +0200
Hi, In my blog I have a simple list of steps to do this. It follows the CERT's checklist ( http://www.cert.org/tech_tips/intruder_detection_checklist.html ) to detect an intrussion and I've added more instructions to do this task. http://skarvin.blogspot.com/2006/06/pasos-seguir-para-detectar-una.html I hope this is helpfull for you. PD: It's in spanish :) On 7/10/06, David Robert <david31900 () rogers com> wrote:
Hello all, I've been reading this list for some time and I can't help but notice that there is a lot of information and discussion about securing systems, but very little about how to detect if you *are* compromised. This one of my major concerns. I can advocate all kinds of practices and procedures, but eventually someone will get through. So how can I tell? Especially if they are trying not to leave traces? Is there a few very simple, dumb things that everyone should do in this regard? If so, then I haven't heard them. If you could list them, or point me to some good resources, it would be much appreciated. Thanks, ------------------------------------------------------------------------- Sponsored by: Watchfire Securing a web application goes far beyond testing the application using manual processes, or by using automated systems and tools. Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download it today! https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmm --------------------------------------------------------------------------
-- Un saludo, skarvin weblog: http://skarvin.blogspot.com ------------------------------------------------------------------------- Sponsored by: WatchfireCross-Site Scripting (XSS) is one of the most common application-level attacks that hackers use to sneak into web applications today. This whitepaper will discuss how traditional CSS attacks are performed, how to secure your site against these attacks and check if your site is protected. Cross-Site Scripting Explained - Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmr --------------------------------------------------------------------------
Current thread:
- DMZ and critical data Pedro Henrique Morsch Mazzoni (Jul 08)
- Re: DMZ and critical data 蓝牙 (Jul 09)
- RE: DMZ and critical data Brian J. Bartlett (Jul 09)
- Re: DMZ and critical data Mohammad Ali Sarbanha (Jul 09)
- Intrusion Detection David Robert (Jul 09)
- Re: Intrusion Detection Ivan Ristic (Jul 10)
- Re: Intrusion Detection Jamie Riden (Jul 10)
- Re: Intrusion Detection Daniel Cid (Jul 11)
- Re: Intrusion Detection David Ryan (Jul 12)
- Re: Intrusion Detection skarvin (Jul 12)
- <Possible follow-ups>
- Re: DMZ and critical data sarbanha (Jul 09)
- Message not available
- Re: DMZ and critical data Ken Adler - QDSP, CISSP, PMP, CISA (Jul 09)
- Message not available