[CentOS] how to know when a system is compromised
SternData
subscribed-lists at sterndata.com
Thu Nov 14 15:48:11 UTC 2019
Do you run rkhunter?
On 11/14/19 9:40 AM, Christopher Wensink wrote:
> How do you know when a Linux system has been compromised?
>
> Every day I watch our systems with all the typical tools, ps, top, who,
> I watch firewall / IPS logs, I have logwatch setup and mailing daily
> summaries to me and I dive deeper into logs if something looks suspicious.
>
> What am I missing or not looking at that you security gurus are looking at?
>
> I subscribe to the centos and SANS newsletters, and I try to keep
> current on all technology with credible sources of articles online and
> with the Lynda library.
>
> What other sources of information do you use to stay current about the
> latest threats and technology updates?
>
> I appreciate the feedback.
>
> Chris
More information about the CentOS
mailing list