Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: possible rooted systems

from [Mike] Network Security [Permanent Link]
Subject: Re: possible rooted systems
Date: Thu, 28 Oct 2004 14:00:12 -0400 
If your T1 line is maxed, I would suggest you use some type of network
analyzer, like exporting netflow stats and generating reports based on that.


----- Original Message ----- 
From: "kyle" <kyle@inetconnection.com>
To: <security-basics@securityfocus.com>
Sent: Thursday, October 28, 2004 8:12 AM
Subject: possible rooted systems



I am a lan administrator at a small school system with a T1 line for the
internet. Lately I've noticed that the T1 line has been maxed, and a week
later, it still is maxed out. I strongly believe that a few systems have

been

rooted (no viruses/trojans show up on scans) and need a novell based

packet

sniffer to determine what is legitimate and illegitimate traffic. Does

anyone

know of any good ones? We run many xp and 98 boxes with multiple novell
servers. I think some of the 98 boxes are the ones that were rooted On

using

them I've noticed one common thing on every one of them at that building.
spyware beyond usage (current record 35000 entries before adaware locked

up).

I know how I can just fix it, but I need some sort of log so I can justify

my

means. ;)
Thanks
Kyle
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Electronic signatures and watermarking?, GuidoZ
Next by Date:  Allowing scanning from home, ericaldrc51
Previous by Thread:  possible rooted systems, kyle
Next by Thread:  Re: possible rooted system, xyberpix
Indexes:  [Date] [Thread] [Top] [All Lists]