Rescuing data from attackers

Data Rescue

Author(s): Kurt Seifried

When attackers strike your system, you need to determine exactly what damage has been done. Here are some tools to help.

Typically, when the term “data rescue” is mentioned, failed RAID arrays, accidentally deleted files, and corrupted backups come to mind. But, what happens when a break-in occurs and you need to find out how the attacker got in and how much damage has been done?

If you’re lucky (relatively speaking), the attacker will make changes to the filesystem. For example, in the recent kernel.org security breach, the OpenSSH binaries were replaced with ones that would log usernames, passwords, and keys, allowing the attacker to access additional systems. In theory, tools like AIDE or Tripwire should catch these modifications, but in practice this doesn’t always work.

Read full article as PDF »

056-057_kurt.pdf (628.10 kB)

comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Direct Download

Read full article as PDF »

056-057_kurt.pdf (628.10 kB)

News

Google and NASA Partner in Quantum Computing Project

Vendor D-Wave scores big with a sale to NASA's Quantum Intelligence Lab.
Mageia Project Announces Mageia 3 Linux

Many package updates and Steam integration highlight the latest from the Mandriva-based community Linux.
FSF Outs the World Wide Web Consortium over DRM Proposal

Richard Stallman calls for the W3C to remain independent of vendor interests.
Debian 7.0 Debuts

The new release supports nine architectures, 73 human languages, and zero non-Free components.
Alpha Version of Fedora 19 Released

Fedora developers release the first alpha version of Fedora 19, known as Schrödinger’s Cat, for general testing. The final release is expected in July 2013.
ack 2.0 Released

ack is a grep-like, command-line tool that has been optimized for programmers to search large trees of source code.
SUSE Studio 1.3 Released

SUSE

New features in SUSE Studio 1.3 include enhanced cloud integration, VM platform support, and lifecycle management.
Xen To Become Linux Foundation Collaborative Project

AMD , Citrix , google , Intel , Oracle

The Linux Foundation recently announced that the Xen Project is becoming a Linux Foundation Collaborative Project.
RunRev Releases Open Source Version of LiveCode

Android , Linux , Mac , Windows

Open source version of LiveCode is now available for developing apps, games, and utilities for all major platforms.
OpenDaylight Project Formed

Citrix , IBM , Microsoft , Red Hat , VMware

OpenDaylight is an open source software-defined networking project committed to furthering adoption of SDN and accelerating innovation in a vendor-neutral and open environment.

Rescuing data from attackers

Data Rescue

Read full article as PDF »

Visit Our Shop

Direct Download

Read full article as PDF »

Tag Cloud

News