|
|
|
|
|
|
Digg |
|
|
|
Track down and expose intruders with the versatile admin tool lsof.
Has your server been cracked? Are your processes running wild? If you suspect an intrusion, you’ll need accurate information on what’s happening with the system. Open file handles are a useful source for this information. lsof scans the depths of the filesystem for these files and then returns comprehensive and detailed output.
To be fully prepared for an attack, you’ll need an Intrusion Detection System (IDS) like Snort, Tripwire or Aide to check the filesystem and data streams for suspicious patterns. However, if you don’t have the time or resources for a full-blown intrusion response, Linux has a number of standard command line programs capable of discovering tell-tale traces on a system. The usual suspects for server diagnosis are ps, netstat, top, fuser, and other friendly helpers.
|
|
|
| Related Articles | |
|---|---|
| CAT AND MOUSE | Looking for signs of a network attack |
| Special Linux Magazine 3 for 1 Offer |
|---|
|
Get 3 Issues + 3 DVDs for the price of a single issue! Let Linux Magazine's hands-on, technical articles guide you in your daily Linux use. Check out bonus DVDs like Ubuntu, SUSE, or Fedora and save the download. Only available for a limited time. Don't miss out! |
Comments