On Sat, Jul 14, 2012 at 8:46 AM, Ali Varshovi <ali.varsh...@hotmail.com> wrote:
> Greetings FD,
>
> Does anyone have any guidelines/useful material on analysis logs of a Linux
> machine to detect signs of compromise? The data collection piece is not a
> challenge as a lot of useful information can be captured using commands and
> some scripts. I'm wondering if there is any systematic approach to analyze
> the collected logs? Most of the materials I've seen are more aligned to
> malware and rootkit detection which is not the only concern apparently.
>
> Thanks,
> Ali

Is in my experience is that I place two folders in directory in is root folder called /root/MilaKunisLeakedPhotos/ and /root/OlgaKurlyenko/ is when I see is accessed. Then I know is my machine compromised. Everyone is want see Olga and Mila

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
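
The decoy-directory check described in the reply above can be read out of the audit log instead of being spotted by eye. The following is an added example, not part of the original thread: it assumes auditd watches on placeholder decoy paths tagged with the key `decoy_access`, and the log records are constructed.

```python
import re
from collections import defaultdict

# Assumption: the decoy directories are watched with rules such as
#   auditctl -w /root/decoy-a -p r -k decoy_access
# (the paths and the key name are placeholders chosen for this example).
DECOY_KEY = "decoy_access"

# Constructed sample records in audit.log format, not from a real host.
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1342255560.123:4711): arch=c000003e syscall=257 success=yes exit=3 ppid=2100 pid=2133 auid=1000 uid=0 comm="ls" exe="/bin/ls" key="decoy_access"
type=CWD msg=audit(1342255560.123:4711):  cwd="/root"
type=PATH msg=audit(1342255560.123:4711): item=0 name="/root/decoy-a" inode=131 nametype=NORMAL
type=SYSCALL msg=audit(1342255561.001:4712): arch=c000003e syscall=2 success=yes exit=3 ppid=1 pid=900 auid=4294967295 uid=0 comm="cron" exe="/usr/sbin/cron" key="cron_watch"
type=PATH msg=audit(1342255561.001:4712): item=0 name="/etc/crontab" inode=77 nametype=NORMAL
type=SYSCALL msg=audit(1342255599.500:4720): arch=c000003e syscall=257 success=no exit=-13 ppid=3001 pid=3002 auid=1001 uid=1001 comm="find" exe="/usr/bin/find" key="decoy_access"
type=PATH msg=audit(1342255599.500:4720): item=0 name="/root/decoy-b" inode=140 nametype=NORMAL
"""

HEADER = re.compile(r"^type=(\S+) msg=audit\(([\d.]+):(\d+)\):\s*(.*)$")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def decoy_hits(log_text, key=DECOY_KEY):
    """Group records by audit event id and return the events tagged with `key`."""
    events = defaultdict(lambda: {"paths": []})
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue  # skip lines that are not audit records
        rtype, stamp, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        # Records of one event share the same timestamp:serial pair.
        ev = events[(float(stamp), int(serial))]
        if rtype == "SYSCALL":
            # auid survives su/sudo, so it names the original login session.
            for name in ("key", "auid", "uid", "exe", "success"):
                ev[name] = fields.get(name)
        elif rtype == "PATH":
            ev["paths"].append(fields.get("name"))
    # Failed attempts (success=no) are kept: a denied read is still a probe.
    return [dict(time=t, serial=s, **ev)
            for (t, s), ev in sorted(events.items())
            if ev.get("key") == key]

if __name__ == "__main__":
    for hit in decoy_hits(SAMPLE_LOG):
        print(hit)
```

auditd hex-encodes path and executable names that contain spaces or control characters; this example does not decode those.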