LinuxQuestions.org
Uncategorized Entries with no category

Required Reading: Detect and Clean a hacked server (like, not)

Posted 07-26-2006 at 05:47 PM by unSpawn

I wonder what would happen (think newbie) if I would trust information from one source? Take for instance Detect and Clean a hacked server T0rnkit Tutorial which says I can completely recover a compromised and rootkitted box *just by deleting and installing some tools*. Of course *you* know that's completely wrong (and the comments say that as well) because you've read more docs (or had the experience of having to mop up after a breach). But how about someone who doesn't see the comments? Someone...
Posted in Uncategorized
Views 639 Comments 0

Here we go...

Posted 07-26-2006 at 09:12 AM by unSpawn

Rootkit Hunter: new project leader.
Posted in Uncategorized
Views 817 Comments 0

Required Reading: After an Exploit: mitigation and remediation

Posted 07-25-2006 at 06:05 AM by unSpawn
Updated 07-08-2011 at 06:49 PM by unSpawn (Changed URI from SecurityFocus:2006 to Symantec:2010)

After an Exploit: mitigation and remediation.
"In this article we describe a few hardening and alerting methods for Unix servers that help block vectors for various attacks, including two web-based application attacks and the brute-forcing of SSH passwords. The article then looks at what an administrator should do post-compromise."
Posted in Uncategorized
Views 615 Comments 0

Solaris vs. Linux Comparison

Posted 07-13-2006 at 02:25 PM by unSpawn

Sometimes it's good to lend another person's view to look at familiar things like GNU/Linux: Solaris vs. Linux: Framework for the Comparison in Large Enterprise Environments. (The statements, views and opinions presented there are the authors' problem, not mine :-] )
Posted in Uncategorized
Views 1087 Comments 0

Zeppoo: another RK detector for GNU/Linux?

Posted 06-06-2006 at 01:02 PM by unSpawn

OK. So there's a new one on the block. Zeppoo. Dick blogs it as a "Memory level rootkit hunter" and Gadi calls it a "Decent Rootkit Detection for Linux" in his blog, though what's decent about it isn't explained. They also fail to seize the moment to emphasise prevention is better anyway.

Quote:
Originally Posted by Zeppoo
Anti-Rootkits which don't use these methods can be fooled easily.
Like, duh?

And why doesn't anyone post up front why it's qualitatively soo much more advanced...
Posted in Uncategorized
Views 941 Comments 1

All times are GMT -5. The time now is 04:58 PM.
