LinuxQuestions.org
Uncategorized Entries with no category

Required Reading: Detect and Clean a hacked server (like, not)

Posted 07-26-2006 at 04:47 PM by unSpawn

I wonder what would happen (think newbie) if I would trust information from one source? Take for instance Detect and Clean a hacked server T0rnkit Tutorial which says I can completely recover a compromised and rootkitted box *just by deleting and installing some tools*. Of course *you* know that's completely wrong (and the comments say that as well) because you've read more docs (or had the experience of having to mop up after a breach). But how about someone who doesn't see the comments? Someone...

Here we go...

Posted 07-26-2006 at 08:12 AM by unSpawn

Rootkit Hunter: new project leader.

Required Reading: After an Exploit: mitigation and remediation

Posted 07-25-2006 at 05:05 AM by unSpawn
Updated 07-08-2011 at 05:49 PM by unSpawn (Changed URI from SecurityFocus:2006 to Symantec:2010)

After an Exploit: mitigation and remediation.
"In this article we describe a few hardening and alerting methods for Unix servers that help block vectors for various attacks, including two web-based application attacks and the brute-forcing of SSH passwords. The article then looks at what an administrator should do post-compromise."

Solaris vs. Linux Comparison

Posted 07-13-2006 at 01:25 PM by unSpawn

Sometimes it's good to lend another person's view to look at familiar things like GNU/Linux: Solaris vs. Linux: Framework for the Comparison in Large Enterprise Environments. (The statements, views and opinions presented there are the authors' problem, not mine :-] )

Zeppoo: another RK detector for GNU/Linux?

Posted 06-06-2006 at 12:02 PM by unSpawn

OK. So there's a new one on the block. Zeppoo. Dick blogs it as a "Memory level rootkit hunter" and Gadi calls it a "Decent Rootkit Detection for Linux" in his blog, though what's decent about it isn't explained. They also fail to seize the moment to emphasise prevention is better anyway.

Quote:
Originally Posted by Zeppoo
Anti-Rootkits which don't use these methods can be fooled easily.
Like, duh?

And why doesn't anyone post up front why it's qualitatively soo much more advanced...
All times are GMT -5. The time now is 10:48 AM.
