A shell script question
Jason Clinton
me at jasonclinton.com
Mon Feb 23 23:16:59 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Brian Densmore wrote:
| I'm looking to write a little shell/perl/python
| script to run on my server 24/7 looking for attackers.
| I want to hide this script from view. Anyone ever done this?
| Or do I have to break out a compiled language to do this.
| Also, anyone know of a good Linux disassembler? I
| want to reverse engineer the rootkit that the cracker
| used on my machine. This little script doesn't have to
| be hack-proof as it is really only meant to send out
| an alarm when someone successfully breaks in. I'm just
| wanting to give my script enough time to send out a call
| for help, and maybe do a system shutdown. I figure if
| I create my own watchdog, it is unlikely to be sniffed out
| automatically by a rootkit.
Google 'honeypot'.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAOonntSqjk42zvwkRArYzAKC5rDxoOp5J/WKTZCTtp1YEBmnnogCgoDrv
3FW2NWBi21VhIq3NYUnD9fQ=
=Gvzi
-----END PGP SIGNATURE-----
More information about the Kclug
mailing list