ADMIN - Explore the new world of system administration! Special introductory offer! Order by September 30th to save 10% off the regular subscription price! Each issue delivers technical solutions to the real-world problems you face every day. Learn the latest techniques for better:
network security
system management
troubleshooting
performance tuning
virtualization
cloud computing
on Windows, Linux, Solaris, and popular varieties of Unix.
Track down and expose intruders with the versatile admin tool lsof.
Has your server been cracked? Are your processes running wild? If you suspect an intrusion, you’ll need accurate information on what’s happening with the system. Open file handles are a useful source for this information. lsof scans the depths of the filesystem for these files and then returns comprehensive and detailed output.
To be fully prepared for an attack, you’ll need an Intrusion Detection System (IDS) like Snort, Tripwire or Aide to check the filesystem and data streams for suspicious patterns. However, if you don’t have the time or resources for a full-blown intrusion response, Linux has a number of standard command line programs capable of discovering tell-tale traces on a system. The usual suspects for server diagnosis are ps, netstat, top, fuser, and other friendly helpers.
Comments