Security Basics mailing list archives
Re: Detecting File Alteration
From: Daniel Cid <danielcid () yahoo com br>
Date: Wed, 6 Sep 2006 13:48:11 -0300 (ART)
In addition to samhain, you can try ossec. It does file integrity checking natively on both Unix/Linux and Windows systems (besides log analysis and rk detection)... Hope it helps.. -- Daniel B. Cid dcid ( at ) ossec.net --- offset <offset () ubersecurity org> escreveu:
I dont recall if your original email required this to run on windows or *nix. I've used samhain on *nix with no issues, not sure about windows. http://www.la-samhna.de/samhain/ -off On Thu, Aug 31, 2006 at 11:44:14PM -0400, Mister Dookie wrote:Tripwire is awfully expensive for a smallcompany... there must besomething in the freeware realm or at leastsomething cheaper thataccomplishes the same thing as Tripwire. On 8/31/06, Peter Marshall<petermmarshall () hotmail com> wrote:Tripwire as well . . . -----Original Message----- From: Saqib Ali [mailto:docbook.xml () gmail com] Sent: Thursday, August 31, 2006 3:49 PM To: Mister Dookie Cc: security-basics () securityfocus com Subject: Re: Detecting File Alteration Filemon???http://www.sysinternals.com/Utilities/Filemon.htmlfilters as well.... -- Saqib Ali, CISSP, ISSAP Support http://www.capital-punishment.net ----------- "I fear, if I rebel against my Lord, theretribution of an Awful Day (TheDay of Resurrection)" Al-Quran 6:15 -----------
---------------------------------------------------------------------------
This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
_______________________________________________________ Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora! http://br.mobile.yahoo.com/mailalertas/ --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Detecting File Alteration Mister Dookie (Sep 05)
- RE: Detecting File Alteration Dan Tesch (Sep 05)
- Re: Detecting File Alteration Jon Wallace (Sep 05)
- Re: Detecting File Alteration irado furioso com tudo (Sep 05)
- Re: Detecting File Alteration offset (Sep 05)
- Re: Detecting File Alteration Daniel Cid (Sep 06)
- Re: Detecting File Alteration Mister Dookie (Sep 06)
- Message not available
- Re: Detecting File Alteration Mister Dookie (Sep 08)
- Re: Detecting File Alteration Fósforo (Sep 06)
- RE: Detecting File Alteration Dan Tesch (Sep 05)
- <Possible follow-ups>
- Re: RE: Detecting File Alteration krymson (Sep 05)
- RE: Detecting File Alteration Jordan Jason (Sep 05)
- RE: Detecting File Alteration Beauford, Jason (Sep 05)
- RE: Detecting File Alteration Young, Randy (Sep 05)
- RE: Detecting File Alteration Sorin Petre (Sep 05)
- Re: RE: Detecting File Alteration thomas . jones (Sep 06)
- Re: RE: Detecting File Alteration josh . g . parker (Sep 07)