|
Firewall Wizards
mailing list archives
Re: FW: OK, I've been hacked, now what?
From: Asmodeus <asmodeus () benshaw com>
Date: Fri, 14 May 1999 08:13:41 -0400 (EDT)
On Wed, 12 May 1999 kevin.sheldrake () baedsl co uk wrote:
I assume that Tripwire tracks changes to files. How does it
distinguish between normal,
everyday system usage and unauthorised access? Is it available
for NT Server 4, NT
Workstation 4, DEC Unix, Solaris?
It can't tell the difference. A changed file is a changed file.
Although from my experience, very few files are changed/added/deleted once
the server is set up. Plus you can also set it to monitor certain
directories (oh, like /etc, /boot and so on) so any filestorage points
don't have to be monitored.
I'm not sure offhand if it comes in an NT flavour, but the *nix boxen
should work fine.
.Shawn
 By Date 
By Thread
Current thread:
- RE: OK, I've been hacked, now what?, (continued)
- RE: OK, I've been hacked, now what? Chris Tobkin (May 10)
- RE: OK, I've been hacked, now what? kevin . sheldrake (May 11)
- RE: OK, I've been hacked, now what? Peter Mayne (May 12)
- FW: OK, I've been hacked, now what? kevin . sheldrake (May 13)
- Re: FW: OK, I've been hacked, now what? Asmodeus (May 16)
- Re: FW: OK, I've been hacked, now what? Joseph S D Yao (May 16)
- Re: FW: OK, I've been hacked, now what? Crispin Cowan (May 16)
- Re: FW: OK, I've been hacked, now what? Lance Spitzner (May 16)
- Re: FW: OK, I've been hacked, now what? Cohen Liota (May 16)
- Re: FW: OK, I've been hacked, now what? dreamwvr (May 16)
|
Intro
