[Owasp-Malaysia] investigate A Linux Compromise

Mohd Fazli Azran mfazliazran at gmail.com
Tue Dec 21 00:05:12 EST 2010


+1

On Tue, Dec 21, 2010 at 12:46 PM, Ang Chin Han <ang.chin.han at gmail.com>wrote:

> Installing fail2ban on publicly accessible servers is probably a Good Thing
> as well, and would have saved someone some headaches.
>
> Afaik, though, you have to compile fail2ban for sles9. All others just a
> apt-get install fail2ban or yum install fail2ban away.
>
> Ideally you have alternate ports or port knocking for ssh, but sometimes it
> isn't possible when you to access the box from behind a firewall.
>
> P.S. Keeping old unsupported distros running for sentimental and uptime
> reasons is.... silly.
>
> /me ಠ_ಠ
>
> On Mon, Dec 20, 2010 at 10:51 PM, Harisfazillah Jamel <
> linuxmalaysia at gmail.com> wrote:
>
>> Team,
>>
>> Found this
>>
>>
>> http://www.linuxquestions.org/questions/linux-security-4/server-infected-with-scanssh-pscan2-sshf-823263/
>>
>> and more sites that I should share with everybody
>>
>>
>> http://sites.google.com/site/zenarstudio/home/kb/linux---howto---investigate-a-linux-compromise
>>
>>
>> http://web.archive.org/web/20080109214340/http://www.cert.org/tech_tips/intruder_detection_checklist.html
>>
>> That all for now....
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.org/index.php/Malaysia
>>
>> OWASP Malaysia Wiki Facebook
>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20101221/37de8d64/attachment.html 


More information about the Owasp-Malaysia mailing list