TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TCLUG:5793] security

    I don't think anyone mentioned Tripwire--a good way to make check what
configuration/basic binaries have been altered after/during a hack.  Done as
a cron job and keeping an older copy of its report to diff with, you can
tell really quickly which if any files that only *you* should change have
been changed.

It can be found on freshmeat, I believe.

Also on freshmeat, the Linux Security Administration Guide is a good
reference, mentions things like using netstat and lsof (oh did someone
mention immediately going to redhat and downloading all the updated packages
to fix known security holes?) to check what's going on with your network.