Chapter 20. Finding the Attacker s System

   


Chapter 20. Finding the Attacker's System

Now that you have acted on your suspicion that you have been cracked and have taken steps to prevent the cracker from immediately getting back into the system, repaired the damage, and sealed the hole, it is time to find your cracker's system and habits.

The topics covered in this chapter include:

  • "Tracing a Numeric IP Address with nslookup" on page 707

  • "Tracing a Numeric IP Address with dig" on page 708

  • "Who's a Commie: Finding .com Owners" on page 708

  • "Finding Entities Directly from the IP Address" on page 710

  • "Finding a G-Man: Looking Up .gov Systems" on page 710

  • "Using ping" on page 712

  • "Using traceroute" on page 713

  • "Neighboring Systems' Results" on page 714

  • "A Recent International Tracking of a Cracker" on page 714

  • "Be Sure You Found the Attacker" on page 714

  • "Other SysAdmins: Do They Care?" on page 717


   
Top


Real World Linux Security Prentice Hall Ptr Open Source Technology Series
Real World Linux Security Prentice Hall Ptr Open Source Technology Series
ISBN: N/A
EAN: N/A
Year: 2002
Pages: 260

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net