Re: Gathering volatile information
From: Kyle Maxwell (krmaxwell gmail.com)
Date: Wed Apr 13 2005 - 15:22:14 CDT
On 4/13/05, Bob the Builder <builder173 hotmail.com> wrote:
> In the Unix environment there seem to be various lists of bits and pieces
> but no really definitive list of commands related to gathering volatile
> information that you should and shouldn't run and what types of things they
> are likely to interfere with. Am I missing something here, does just such a
> list exist and I'm just not looking in the right place, or is it about time
> someone set about writing one? I'm not talking about a religious argument on
> the merits of what stage a machine should be taken offline at but more what
> the volatile data gathering options are that are available to you if as an
> incident handler you need them.
Try http://www.cert.org/tech_tips/intruder_detection_checklist.html,
that may be what you're looking for.
--
Kyle Maxwell
[krmaxwell gmail.com]