Recover from an Intrusion
Detect an Intruder or System Compromise
Forensic Analysis Tools
- chkrootkit: Locally checks for signs of a rootkit.
- find_ddos: A Denial-of-Service attack program finder.
- fport: Tool for mapping unknown open ports to their associated applications on Windows systems.
- TCPView: An application that lets you monitor TCP and UDP activity on your local system. It is the most powerful tool available for tracking down network-related configuration problems and analyzing application network usage.
- The Coroner's Toolkit (TCT): For UNIX and Linux systems.
- Vision: The GUI successor to fport.
- SecCheck: A Windows forensic tool that aids in the detection and removal of malicious applications, back doors, trojans, worms, and viruses that may be unknowingly installed.
Recover from a System Compromise
ETA