hack attempt - what to do
Peter L. Peres
plp-ysDPMY98cNQDDBjDh4tngg at public.gmane.org
Sun Aug 8 02:45:43 UTC 2004
On Sat, 7 Aug 2004, Scott Elcomb wrote:
> while it's attempting it's break-and-enter?
You compute something called a 'signature', which is the sum of the
actions (you think) the attacker takes (including the time-frame) on your
system, as revealed by system logs, and then you draw conclusions by
matching this gainst known virus and human penetration attempts. F.ex. the
time between the attempts is significant. Humans can only type so fast
(even if cut & paste).
Peter
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list