Analysis a Linux Server that has been compromised.
Hello.
Is a Linux server has been hacked then which tools are needed for Track the hackers and...? Can anyone tell me which parts must be analysis? Are Logs enough? Thank you. |
No. You need the installation and the logs. You can use a copy of the install, properly made. I would retire the original drive and update, and lock down on one pc while4 analyzing on another.
Have you done any basic work like running rkhunter? |
Quote:
|
Kind of what was automatically recommended.
-Get a snapshot of what is running in memory -Unplug from network -Analyze what was captured Most would recommend using https://www.kali.org/ |
All times are GMT -5. The time now is 04:47 PM. |