PM
To: CentOS mailing list
Subject: Re: [CentOS] how to know when a system is compromised
Thanks - I'll keep that in mind...
Harriscomputer
Leroy Tennison
Network Information/Cyber Security Specialist
E: le...@datavoiceint.com
[cid:Data-Voice-International-LOGO_aa3d1c6e-5cfb-451f
On 14/11/2019 16:57, Valeri Galtsev wrote:
On 2019-11-14 10:01, Christopher Wensink wrote:
I have not, I'll look into that one, thanks!
On 11/14/2019 9:48 AM, SternData wrote:
Do you run rkhunter?
On 11/14/19 9:40 AM, Christopher Wensink wrote:
How do you know when a Linux system has been
Thanks - I'll keep that in mind...
From: CentOS on behalf of Chris Adams
Sent: Thursday, November 14, 2019 10:57 AM
To: centos@centos.org
Subject: [EXTERNAL] Re: [CentOS] how to know when a system is compromised
Once upon a time, Leroy Tennison said:
&
Once upon a time, Leroy Tennison said:
> The executable could be placed on mounted read-only media
That's not as secure as you think. Linux bind mounts can mount a file
over another file (plus there's overlay filesystems), so it's possible
to replace a binary even on a read-only device.
--
Ch
On 2019-11-14 10:01, Christopher Wensink wrote:
I have not, I'll look into that one, thanks!
On 11/14/2019 9:48 AM, SternData wrote:
Do you run rkhunter?
On 11/14/19 9:40 AM, Christopher Wensink wrote:
How do you know when a Linux system has been compromised?
I'm sure you have followed t
14, 2019 9:40 AM
To: CentOS mailing list
Subject: [EXTERNAL] [CentOS] how to know when a system is compromised
How do you know when a Linux system has been compromised?
Every day I watch our systems with all the typical tools, ps, top, who,
I watch firewall / IPS logs, I have logwatch setup and maili
I have not, I'll look into that one, thanks!
On 11/14/2019 9:48 AM, SternData wrote:
> Do you run rkhunter?
>
> On 11/14/19 9:40 AM, Christopher Wensink wrote:
>> How do you know when a Linux system has been compromised?
>>
>> Every day I watch our systems with all the typical tools, ps, top, who
Do you run rkhunter?
On 11/14/19 9:40 AM, Christopher Wensink wrote:
> How do you know when a Linux system has been compromised?
>
> Every day I watch our systems with all the typical tools, ps, top, who,
> I watch firewall / IPS logs, I have logwatch setup and mailing daily
> summaries to me an
How do you know when a Linux system has been compromised?
Every day I watch our systems with all the typical tools, ps, top, who,
I watch firewall / IPS logs, I have logwatch setup and mailing daily
summaries to me and I dive deeper into logs if something looks suspicious.
What am I missing or n
9 matches
Mail list logo