[Snort-users] Intrusion S/W detection tools?

SWilcoxon at ...1386... SWilcoxon at ...1386...
Wed Mar 21 10:33:15 EST 2001


A little off the subject, but I feel it's related to IDS in general so this
could be a helpful group.

Are there any Open or Closed source tools for detecting that intruders have
installed compromised tools, backdoors, etc on a Linux system? I know that
many Virus Scanners can do this for files that are considered in that
category by the developers, but do they really cover the other tools a
Hacker may install on a System?

No, I'm not trying to sanitize a system. I was just thinking that would be a
good tool for people who may not have taken the proper safeguards for
detecting binaries changing or files being added.

S.W.
swilcoxon at ...1386...




More information about the Snort-users mailing list