Penetration Testing mailing list archives
analysis after hack - marks and tracks you can see..
From: D.K. <dunkeeper () gmail com>
Date: Mon, 25 Jun 2007 01:11:59 +0200
Hi all, I want to open a discussion about [old||new||newest] methods in detection of "attendance an intruder in linux system". In general I'm interested in subject of analysis after hack, especially - what kind of a marks/track intruder leaves after himself. Where an administrator should look and for what he should looking for. What are typical and non typical signals which can say anybody who shouldn't is/was in the system. If anybody can describe for me methods and give real examples of use a method of discovering a intruder and a examples of a activity of an intruder and examples of marks and tracks which was or can be leave in a system I would be grateful Thank you for all responses ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- analysis after hack - marks and tracks you can see.. D . K . (Jun 25)