hack attempt - what to do
Zbigniew Koziol
zkoziol-Zd07PnzKK1IAvxtiuMwx3w at public.gmane.org
Sat Aug 7 19:47:25 UTC 2004
Peter L. Peres wrote:
>
>
> On Sat, 7 Aug 2004, Scott Elcomb wrote:
>
>> while it's attempting it's break-and-enter?
>
>
> You compute something called a 'signature', which is the sum of the
> actions (you think) the attacker takes (including the time-frame) on
> your system, as revealed by system logs, and then you draw conclusions
> by matching this gainst known virus and human penetration attempts.
> F.ex. the time between the attempts is significant. Humans can only type
> so fast (even if cut & paste).
Except the case when humans automate their breaking attempt.
zb.
> Peter
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list