by Kush Wadhwa, Chetan Gupta
Platforms: Linux
Categories: Auditing, Forensics, Hardening, Host, Intrusion Detection, Linux, Rootkits
Version: LINReS-1.1
LINReS is a Live Response script designed to run on suspect or compromised Linux systems with minimal impact on the system, in order to satisfy various forensic standards requirements. The script has been tested successfully on RedHat Enterprise Linux systems. LINReS consists mostly of statically compiled binaries and includes the shared libraries that may be required to run those binaries that are not statically compiled. As a result, the tool uses no binary from the compromised system, which mitigates the risk of collecting information on a trojaned system.

