Recommendations (4)

• Intruder detection checklist

  • check /etc/hosts.equiv, .rhosts
  • look everywhere for unusual or hidden files with names like ‘…’, ‘.. ‘, ‘..^G’
    • find / -name “.. “ -print
  • check your systems for unauthorized use of a network monitoring programs (sniffers)
  • examine all files that are run by ‘cron’ or ‘at’
  • inspect /etc/passwd, /etc/inetd.conf
  • examine all machines on the network for signs of intrusions

Previous slide

Back to first slide

View graphic version