First page Back Continue Last page Summary Graphics
Intro to InfoSec
Recipe for an attack
Covering tracks
- Log tampering
- Rootkits / modified admin tools
Backdoors
- Trojan programs
- Remote control services
- Rogue user accounts
- Init scripts
Notes:
Once compromised, the intruder needs to hide from the admins...
wtmp / syslog cleansers can be as simple as:
# rm /var/log/syslog
# touch /var/log/syslog
trojans usually include:
- ps / top
- ifconfig / netstat