Examining a compromised server. - Page 3
Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 31

Thread: Examining a compromised server.

  1. #21
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    I honestly felt disgusted when our second meeting with Symantec took place. In the first meeting it was decided that we declare it as an incident and initiate our place (which anyway don't exist), anyway second meeting one guy walks up with a print out of how their scan technology works. This has not been documented. They created this post the case I opened.

    I asked them if the first set of engineers who responded would not know this feature and their simple answer was, "maybe, not". That’s why I didn't write anything in the post here.

    I spend hours trying to see if I can detect anything (which wasn't there). Sigh. The reason I kept on trying was because their first set of engineers didn't know of the feature and also asked us to submit few files they found in their load point analysis log.

    Thanks to everyone who helped.

    Life is at a low right now.
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  2. #22
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Hey ByTe!

    Life is at a low right now.
    In the mail tomorrow will be a job offer from Semantec!

    I know...........it doesn't help if they don't know their own products?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #23
    Banned
    Join Date
    Nov 2002
    Posts
    677
    my lawyer will eat this mutha alive.
    Last edited by Linen0ise; January 21st, 2010 at 03:07 AM.

  4. #24
    AO Guinness Monster MURACU's Avatar
    Join Date
    Jan 2004
    Location
    paris
    Posts
    1,003
    Think of the positive side of things. you now have a complete toolkit to help you when you have a real problem thanks to all the links supplied by nihil. As to service engineers normally the first line of "engineers" are there to buy time till the big boys can have a look at the problem.
    P.S Hi Nilih
    \"America is the only country that went from barbarism to decadence without civilization in between.\"
    \"The reason we are so pleased to find other people\'s secrets is that it distracts public attention from our own.\"
    Oscar Wilde(1854-1900)

  5. #25
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Hi MURACU, and a happy New Year mi buchum,

    How are things in "Gay Paree"?

    Long time no hear? are you well, and all of the family?

    Cheers mate! pop in more often huh?

    Johnno
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  6. #26
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    Alright, I need some help with getting this server booted with live CD. Knoppix DVD is not working because server is not able to boot with a DVD (its a HP DL360 G2[http://h20000.www2.hp.com/bizsupport...dTypeId=15351]) server. It uses Smart Array 5i Controller.

    Does anyone have any recommendation for which Live CD to be used? I have only used knoppix which works perfect. What else should I do? My purpose is to mount the HDD's and later the file system to get 2 files to analysis. We are looking at RAID 5 SCSI interface.


    Thanks in advance.
    Last edited by ByTeWrangler; January 25th, 2010 at 12:11 PM. Reason: Added more information.
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  7. #27
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Hi there ByTe,

    As far as I am aware, the Knoppix DVD just contains a whole lot of other open source/freeware, and the core functionality is still contained on a CD.

    http://www.knoppix.net/

    I also think that you can use a flash memory stick if your server will recognise one of those?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  8. #28
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    It doens't recognise DVD drive.. Thats what the server management team said.. ~!~
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  9. #29
    Keeping The Balance CybertecOne's Avatar
    Join Date
    Aug 2004
    Location
    Australia
    Posts
    659
    The next best thing is to grab a Ext. USB CD Drive - the HP bios will support the USB Optical Drive after a reboot - I like to keep one handy for those computers that do not have a CD Drive or it is broken.

    USB Boot Drives are OK too but sometimes can be fickle to get working, plus compare the time it takes to make a USB boot device to simply connecting the USB CD Drive and hitting reboot.


    CTO
    "Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
    - Albert Einstein

  10. #30
    AO Guinness Monster MURACU's Avatar
    Join Date
    Jan 2004
    Location
    paris
    Posts
    1,003
    You could also try to generate a windows FE live Cd. It is a bit limited on the tools you can put on it and I am only just starting to experiment so not sure just how usefull it will be. Still my first attempt at creating the boot CD did work on an Apple laptop. I used a windows 7 machine as the base but you can use a vista or windows 2003 server to make the iso also. You will also need to download the windows automatic installation kit.
    cheers Muracu
    \"America is the only country that went from barbarism to decadence without civilization in between.\"
    \"The reason we are so pleased to find other people\'s secrets is that it distracts public attention from our own.\"
    Oscar Wilde(1854-1900)

Similar Threads

  1. Windows Error Messages
    By cheyenne1212 in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: February 1st, 2012, 02:51 PM
  2. Central Secure Logging in a Win2k Environment
    By Tiger Shark in forum The Security Tutorials Forum
    Replies: 5
    Last Post: March 4th, 2004, 05:00 PM
  3. Understanding DoS
    By NullDevice in forum The Security Tutorials Forum
    Replies: 21
    Last Post: December 17th, 2003, 10:03 PM
  4. Newbies, list of many words definitions.
    By -DaRK-RaiDeR- in forum Newbie Security Questions
    Replies: 9
    Last Post: December 14th, 2002, 08:38 PM
  5. How To Set Up An IRC Server (IRCD) Tutorial
    By Dome in forum Other Tutorials Forum
    Replies: 11
    Last Post: August 21st, 2002, 04:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •