[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security Guideance

Subject: Security Guideance
From: pbosworth at gmail.com (Paul Bosworth)
Date: Tue, 23 Feb 2010 15:31:56 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <386FCF83D8086E4A89655E41CD3B53D359DF35766F@rtexch01> <[email protected]>

Place an ids in front of the server and write a rule for the traffic
signature.

Paul B.
Sent with Android

On Feb 23, 2010 3:25 PM, "Matt Sprague" <msprague at readytechs.com> wrote:

The user could also be running the command inline somehow or deleting the
file when they log off.   Check who was logged onto the server at the time
of the attack to narrow down your search.  I like the split the users idea,
though it could be several iterations to narrow down the culprit.


-----Original Message-----
From: Ronald Cotoni [mailto:setient at gmail.com]
Sent: Tuesday, February ...

References:
- Security Guideance
  - From: pstewart at nexicomgroup.net (Paul Stewart)
- Security Guideance
  - From: setient at gmail.com (Ronald Cotoni)
- Security Guideance
  - From: msprague at readytechs.com (Matt Sprague)

Prev by Date: Security Guideance
Next by Date: Security Guideance
Previous by thread: Security Guideance
Next by thread: Security Guideance
Index(es):
- Date
- Thread