Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Gathering volatile information

from [Kyle Maxwell] Network Security [Permanent Link]
Subject: Re: Gathering volatile information
Date: Wed, 13 Apr 2005 15:22:14 -0500 
On 4/13/05, Bob the Builder <builder173@hotmail.com> wrote:

In the Unix environment there seem to be various lists of bits and pieces
but no really definitive list of commands related to gathering volatile
information that you should and shouldn't run and what types of things they
are likely to interfere with. Am I missing something here, does just such a
list exist and I'm just not looking in the right place, or is it about time
somone set about righting one? I'm not talking about a religious argument on
the merits of what stage a machine should be taken offline at but more what
the volatile data gathering options are that are available to you if as in
incident handler you need them.


Try http://www.cert.org/tech_tips/intruder_detection_checklist.html,
that may be what you're looking for.

-- 
Kyle Maxwell
[krmaxwell@gmail.com]

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  What to do if they ignore you, Skip Carter
Next by Date:  Re: Gathering volatile information, Jeff Bryner
Previous by Thread:  Gathering volatile information, Bob the Builder
Next by Thread:  Re: Gathering volatile information, Russell Fulton
Indexes:  [Date] [Thread] [Top] [All Lists]