On Sat, 14 Jul 2012 12:46:50 -0000, "Ali Varshovi " said: > Most of the materials I've seen are more aligned to malware and rootkit > detection which is not the only concern apparently.
It's hard to say what else to check without knowing what other concerns you're checking for, and what data sources are available (I'm thinking about auditd and friends, but there's other data sources as well).
pgpHTMmfWUjpc.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
