LinuxQuestions.org - security question

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - security question (https://www.linuxquestions.org/questions/linux-newbie-8/security-question-475172/)

computer

08-18-2006 01:09 PM

security question

hi

Ok, I have some security questions lets think about when somebody breaks into the system.

1. What to do to trace them.

2. How would you work out what they have been doing.

3. What they can do to destroy the evidence,

4. what the system would do to destroy the evidence, how would you figure out.

any help would be appreciated.

thank you

acid_kewpie

08-18-2006 02:32 PM

your questions really don't make much sense without a context to put them in... how you deal with an intruder depends on how they intrude... just like real life and all that. they can do whatever their exploit of means of attack permits them to do... can't say any more than that. essentially you'd check for problems sing tools like rkhunter which look for known issues that could occur from a number of different attacks, but past that we really can't say much...

farslayer

08-18-2006 02:53 PM

Search for Linux Forensics in your favorite search engine for info, whitepapers, etc..

Computer forensics is the process of investigation and analysis of an incident.

All times are GMT -5. The time now is 01:50 AM.