How do you know when a Linux system has been compromised? Every day I watch our systems with all the typical tools, ps, top, who, I watch firewall / IPS logs, I have logwatch setup and mailing daily summaries to me and I dive deeper into logs if something looks suspicious. What am I missing or not looking at that you security gurus are looking at? I subscribe to the centos and SANS newsletters, and I try to keep current on all technology with credible sources of articles online and with the Lynda library. What other sources of information do you use to stay current about the latest threats and technology updates? I appreciate the feedback. Chris _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
how to know when a system is compromised
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: how to know when a system is compromised
- From: Christopher Wensink <cwensink@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 14 Nov 2019 09:40:32 -0600
- User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2
- Follow-Ups:
- how to know when a system is compromised
- From: Leroy Tennison
- Re: how to know when a system is compromised
- From: SternData
- how to know when a system is compromised
- Prev by Date: Re: Centos 7 + samba / some win 10 systems can mount and some not
- Next by Date: Re: how to know when a system is compromised
- Previous by thread: Centos 7 + samba / some win 10 systems can mount and some not
- Next by thread: Re: how to know when a system is compromised
- Index(es):
 |