create new tag
, view all tags
Resources re computer security.

See AboutThesePages.



Cleaning Up After a Crack

From civileme (Re: [expert] Hack attack or not?; 27 Jul 20020):

Put in CD#1 cd /mnt/cdrom rpm -ivh --force basesystem-8.2-1mdk.i586.rpm

This will generally blow away anything done to /bin /sbin or /lib

Use the now good ls and rgrep tools to scan other directories for martians--if you see any, by God, push the button.

Stopping DOS or Virus Spreading

Look for this thread -- one has a script (from Michael Viron), one has some suggested sites (from civileme) -- Re: [newbie] Can't block dos attack; 28 Jul 2002; civileme.


NIDS (Network Intrusion Detection Systems)

  • snort

File Integrity Checkers


See ResourceRecommendations.


Recommended for Special Purposes

  • [[http://www.knowngoods.org/][known goods] maintains a database of md5sums for (selected) uncracked programs in various distros (including Mandrake 9.0) so you can make an attempt to determine whether you've been cracked even if you didn't run Tripwire, osiris, or something similar just after installation.

Recommended by Others

No Recommendation

Web Sites or Articles

In this paper, Anton looks at network intrusion systems, IDS-triggered countermeasures, what are they, how they can be triggered and when they should not be triggered.

The next four suggested by Chris Palmer, I have not read:

Mail Lists

Not Recommended


  • RandyKramer - 23 Mar 2002
  • <If you edit this page, add your name here, move this to the next line>

Page Ratings

Edit | Attach | Watch | Print version | History: r15 < r14 < r13 < r12 < r11 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r15 - 2003-05-08 - RandyKramer
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by PerlCopyright 1999-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding WikiLearn? WebBottomBar">Send feedback
See TWiki's New Look