I put a dachsrein beta firewall up last week at the house, it works great. My wife got into an apparent ongoing battle in which several people in a yahoo chat room were hit with a buffer over- flow (affecting windows client) in the chat program. The room was actually being monitored by a level 2 government employee that was assigned to the room to monitor for script-kiddies, and she got one of them. Unfortunately, the kiddie got my ip addy and DDoS'ed it (from what I dug out of the logs before they filled). This was fine (lol), except I cannot find any info in auth.log and user.log. I am assuming the box has been cracked, probably root kitted and they erased the two log files. The box is still up and the gov official (and maybe Charles or someone else) would like an image of the Ram disk to analyze....particularly for a foot- print of the attacker.
My question, how do I make an image of the RAM disk??? Can I simply back up the entire disk and send it, or is there another way??? Thanks in advance, ~Guitarlynn Lynn Avants -- if linux isn't the answer, you've got the wrong question _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
