Unix Forensic - Security & Cryptography

venam
Administrators
(17-07-2016, 07:19 PM)z3bra Wrote: I think the first thing to do, if possible, is to close all network access to the box.

I've mentioned this but it's not always a solution.

(17-07-2016, 03:55 AM)venam Wrote: Actually it's a way better idea, you don't want that system to stay online with
an attacker on it.
And maybe you have a real-time fight with him, and he kicks you out and erases
everything on the machine.
But sometimes you can't afford to remove a live system, a production system.


Messages In This Thread
Unix Forensic - by venam - 03-07-2016, 10:48 AM
RE: Unix Forensic - by venam - 17-07-2016, 03:55 AM
RE: Unix Forensic - by z3bra - 17-07-2016, 07:19 PM
RE: Unix Forensic - by venam - 18-07-2016, 12:17 AM