Hi all, A good thing to do would be to use Tripwire or similar to build a "known good" database of file signatures prior to deployment. When it comes to intrusion detection and compromise recovery, this is the only way to be sure.
I did some work with Tripwire and alternatives a few years ago, although I haven't touched it recently. Anyone want to toss out alternatives/suggestions/best practices/etc? -- Ben _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss