Tips for when hackers strike
Source: Linux.com - Posted by Benjamin D. Thomas   
Intrusion Detection The nightmare started when I returned to my office to discover 17 missed calls on my cell phone. A moment later, the phone rang again. A frantic customer complained of "eyes" on his Web site. I visit the site, and, lo and behold, discovered it proclaiming being "owned" by a hacking group. Upon further investigation, I discovered all the other Web sites on the Debian-based server had been defaced.

The attacker managed to scare the pants off of me, and worse yet, generated concern throughout my customers. On the other hand, this was a blessing. The attacker blatantly announced himself when he could have easily installed a small-footprint root kit and hidden in the trenches of my system sucking confidential customer and network information. To reduce the possibility of this kind of attack, I highly advise making use of system integrity software such as chkrootkit and tripwire daily. These programs help detect stealthy intrusions. Other signs of a system in jeopardy may be log files that appear to have been spontaneously erased and unfamiliar occurrences in root's ~/.bash_history file.

Read this full article at Linux.com

Only registered users can write comments.
Please login or register.

Powered by AkoComment!