From: Alfred Huger (ah@securityfocus.com)
Date: Mon Mar 24 2003 - 11:14:00 EST
Hey Folks,
IDS Logs in Forensics Investigations: An Analysis of a Compromised
Honeypot
by Alan Neville
This paper will deconstruct the steps taken to conduct a full analysis of
a compromised machine. In particular, we will be examining the tool that
was used to exploit a dtspcd buffer overflow vulnerability, which allows
remote root access to the system. The objective of this paper is to show
the value of IDS logs in conducting forensics investigations.
http://www.securityfocus.com/infocus/1676
Alfred Huger
Symantec Corp.
----------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does. Plug your security holes now!
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:31 EDT