Security Incidents mailing list archives

Re: Gathering volatile information


From: Jeff Bryner <jbryner1 () yahoo com>
Date: Wed, 13 Apr 2005 15:45:34 -0700 (PDT)

--- Bob the Builder wrote:
In the Unix environment there seem to be various lists of bits and
pieces but no really definitive list of commands related to gathering
volatile information that you should and shouldn't run and what types
of things they are likely to interfere with.

Have you seen the SANS reference guide for quickie Unix intrusion
discovery?
http://www.sans.org/score/checklists/ID_Linux.pdf

It's not quite the bootable CD/script you're seeking but maybe a start.

Jeff.
CISSP, GCIH, GCFA

