Unix Security: Diagnostics and Forensics


This document is intended to help Unix/Linux sys-admins with the diagnostic and forensic examination of a machine that has been hacked, or to help determine whether a suspect machine has been. Specifically, the document describes:

Contents:
  Immediate Steps
  Background Material
  First Steps --- Make these before you reboot
  Second Steps
  Diagnostic/Forensic Tools 1:
  Diagnostic/Forensic Tools 2: Network
  Diagnostic/Forensic Tools 3: Verify Installed Software

About this document:

Produced from the SGML: /home/umits/public_html/_unix_security/_reml_grp/diagnostic_forensic_tools.reml
On: 23/10/2005 at 13:29:12
Options: reml2 -i noindex -l long -o html -p multiple