>Hi, > Can anyone tell me what forensic tools are available for >Linux? Would portsentry qualify as a foresic tool? Also >is PSAD a forensic tool or an IDS like snort? > >Thanks & Regards >Mani
Coroner's toolkit(TCT) comes to mind http://www.porcupine.org/forensics/tct.html As for the second part of your query, "forensic" relates to collection of evidence(e.g. for use in a court of law). So essentially the tools that will help you collect evidence of an unauthorized access of your servers etc. Try this URL : http://www.linux-forensics.com/links.html HTH. Regards, Abhi _______________________________________________ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
