Mathieu Deous – Julien Reveret
Forensic analysis of a Linux web server
www.nbs-system.com
Agenda
- Who are we?
- Performing forensic analysis on a compromised web server
- What to search, where, how? Logs but also dynamic analysis
- What about privilege escalation?
- How has rootkit detection evolved?
Who are we?
- Security guys doing both offensive and defensive stuff
- Our company is hosting 3000+ sites in a private cloud
Performing forensic analysis on a compromised web server
Some people think finding out what attackers did on a server is an easy task since their activities are "obviously malicious":
- Sending spam
- Scanning / DoSing other servers
- Hosting phishing sites
But sometimes there can be days, weeks, months between a compromise and illegal activities…