Is Your e3000 Environment Secure? - by Mark Bixby
Is Your e3000 Environment Secure? - HPWorld 2003 page 20August 14, 2003
Would you know it if a hacker
replaced a system file with a
trojan horse?
§Monitor system logging for unauthorized file open/close
events
– but what if a hacker disabled system logging or sanitized
the log files?
§Build a database of file checksums and other attributes
for comparison purposes to detect file changes
– Update the database after legitimate file changes
– Various open source solutions – TripWire, Osiris, etc