Date: Mon, 11 Aug 1997 23:24:34 -0400 (EDT) From: Jeff Aitken <jaitken@aitken.com> To: freebsd-security@freebsd.org Subject: post-break-in checklist? Message-ID: <199708120324.XAA27102@eagle.aitken.com>
next in thread | raw e-mail | index | archive | help
As I recall, someone posted a post-breakin-checklist awhile back (I seem to think it was Karl Denninger, but I'm not sure). Anyway, I neglected to save a copy of it, and was wondering if anyone had such a beast handy. As far as FreeBSD goes, I've got the CDs and know about mtree, but I'm looking for a more generic "these are the sorts of things to look for if you suspect a security violation" just to be sure I'm not overlooking anything. (FWIW, the machine(s) which were compromised have been reinstalled from scratch anyway). Additionally, where might I find a list of all "security" issuse since 2.2.2-R was released? I looked in ftp://freebsd.org/pub/CERT/advisories but only turned up 4 advisories from 1997, all of which were patched prior to the release of 2.2.2. -- Jeff Aitken jaitken@aitken.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708120324.XAA27102>