[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Re: [cobalt-users]Was IPs related to hackers Now rootkit

Subject: Re: [cobalt-users] Re: [cobalt-users]Was IPs related to hackers Now rootkit
From: flash22@xxxxxxx
Date: Thu Feb 15 06:12:30 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Sun, 11 Feb 2001, Jonathan Nichols wrote:

> ah ha! One of the productive ones :)
> I haven't actually heard of this one yet, but the page mentions 
> PortSentry, which I've seen pop up on this list before.
> Snort and tripwire are other good things to have around.

portsentry might, you have to fiddle with the network scripts, tripwire is
fairly non-intrusice to the config, it's really just a little database of
file checksums, other than adding a cron entry i don't think it needs much
at least for a minimal configuration...

And it is kind of nice to have something tell you you got a root kit
installed when it happens rather than 3 months later when you find out
because several people call you to ask how someone got their credit card
numbers etc ;0

References:
- [cobalt-users] Re: [cobalt-users]Was IPs related to hackers Now rootkit
  - From: Jonathan Nichols

Prev by Date: Re: [cobalt-users] Not getting emails!!!
Next by Date: Re: [cobalt-users] helpppp
Previous by thread: Re: [cobalt-users] Zone problem? Need help!!
Next by thread: Re: [cobalt-users] IPs related to hackers

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index