Hey incidents subscribers, many times posters to this list have questions about odd behaviour on a host and the answer is usually to run some investigative tools. The following series will hopefully help people investigating potential breaches on Unix or Linux systems. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Incident Response Tools For Unix, Part One: System Tools By Holt Sorensen This article is the first in a three-part series on tools that are useful during incident response and investigation after a compromise has occurred on a OpenBSD, Linux, or Solaris system. This installment will focus on system tools, the second part will discuss file-system tools, and the concluding article will look at network tools. http://www.securityfocus.com/infocus/1679 ---------------------------------------------------------------------------- Powerful Anti-Spam Management and More... SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfihl1
This archive was generated by hypermail 2b30 : Thu Mar 27 2003 - 18:09:44 PST