GGI
Company
Information
Company Profile
Services
Products
Clients
People
Experience
Public Speaking
Directions To GGI
Alliances
GGI Affiliates
GGI Trademarks
Free Tools
& Services
PD Metrics Survey Survey
Reading Rooms
Publications
Bookstore
Gateways to Knowledge
Calendar
Rapid News
GGI Summits
Visitor & Customer
Feedback
Guestbook
Site Survey
iStore
Links
Contact GGI

Internet Security: Hacker Targets

 

TARGETED SYSTEM BINARIES AND DIRECTORIES

If you think your site has been invaded by an intruder, check these system binaries for inconsistencies:

  • /bin/login

    •
  • /bin/ls

    •
  • /usr/etc/in.telnetd

    •
  • /usr/sbin/ifconfig

    •
  • /usr/etc/in.ftpd

    •
  • /bin/df

    •
  • /usr/etc/in.tftpd

    •
  • /usr/lib/libc.a

    •
  • /usr/ucb/netstat

    •
  • /usr/ucb/cc

    •
  • /bin/ps

    •

Also check these files:
  • /.rhosts

    •
  • /etc/hosts.equiv

    •
  • /bin/.rhosts

    •
  • /etc/passwd

    •
  • /etc/group

    •
  • /var/yp/*(nis maps)

    •
  • root environment files (.login, .cshrc, .profile, .forward)
    •  

Look for hidden directories created by the intruders in:
  • /tmp

    •
  • /var/tmp

    •
  • /etc/tmp

    •
  • /usr/spool

    •
  • usr/lib/cron

 


Goldense Group, Inc.   1346 South Street, Needham, MA 02492
P.O. Box 350, Dedham, MA 02027-0350
 Phone: (781) 444-5400   Fax: (781) 444-5475

Privacy Statement

Copyright © 1996-2009 __ Goldense Group, Inc. __ All Rights Reserved.