Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Intrusion Detection

from [skarvin] Network Security [Permanent Link]
Subject: Re: Intrusion Detection
Date: Mon, 10 Jul 2006 10:19:41 +0200 
Hi,

In my blog I have a simple list of steps to do this. It follows the
CERT's checklist (
http://www.cert.org/tech_tips/intruder_detection_checklist.html ) to
detect an intrussion and I've added more instructions to do this task.
http://skarvin.blogspot.com/2006/06/pasos-seguir-para-detectar-una.html

I hope this is helpfull for you.

PD: It's in spanish :)


On 7/10/06, David Robert <david31900@rogers.com> wrote: 
Hello all,

I've been reading this list for some time and I can't help but notice that
there is a lot of information and discussion about securing systems, but
very little about how to detect if you *are* compromised.

This one of my major concerns.  I can advocate all kinds of practices and
procedures, but eventually someone will get through.  So how can I tell?
Especially if they are trying not to leave traces?

Is there a few very simple, dumb things that everyone should do in this
regard?  If so, then I haven't heard them.  If you could list them, or point
me to some good resources, it would be much appreciated.

Thanks,


-------------------------------------------------------------------------
Sponsored by: Watchfire

Securing a web application goes far beyond testing the application using
manual processes, or by using automated systems and tools. Watchfire's
"Web Application Security: Automated Scanning or Manual Penetration
Testing?" whitepaper examines a few vulnerability detection methods -
specifically comparing and contrasting manual penetration testing with
automated scanning tools. Download it today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmm
--------------------------------------------------------------------------





--
Un saludo,

skarvin
weblog: http://skarvin.blogspot.com

-------------------------------------------------------------------------
Sponsored by: Watchfire

Cross-Site Scripting (XSS) is one of the most common application-level attacks that hackers use to sneak into web applications today. This whitepaper will discuss how traditional CSS attacks are performed, how to secure your site against these attacks and check if your site is protected. Cross-Site Scripting Explained - Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmr
--------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Directed phishing attacks- protection methods, Joshua Perrymon
Next by Date:  RE: Oracle SQL Injection, Integrigy
Previous by Thread:  Re: Intrusion Detection, David Ryan
Next by Thread:  Re: DMZ and critical data, sarbanha
Indexes:  [Date] [Thread] [Top] [All Lists]