4. Uncompromised tools and utilities
It's always worth a quick and dirty investigation of your machine with
utilities that are already installed, even though they may therefore have
been compromised, but in order to carry out the investigations described in
this document thoroughly you will need a set of utilities that you can trust
not to omit or filter out information. Do both of the following:
- Carry out at least the Minimum Immediate Network-Related Checks using a
  toolkit of CD-R-mounted statically-linked utilities. If possible carry out
  all checks listed in First Steps.
- Carry out a full set of checks after booting from a live CD.
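Added example, not part of the original document: a check to run on a trusted workstation while assembling the toolkit, before it is burned to CD-R, confirming that every ELF binary in it is really statically linked. The workflow, the function names and the sample images are assumptions made for illustration; the test is the absence of a PT_INTERP program header, because a binary without one never asks the kernel to start the host's dynamic linker.

```python
import os
import struct

PT_LOAD, PT_DYNAMIC, PT_INTERP, PT_PHDR = 1, 2, 3, 6

def program_header_types(data):
    """Return the p_type of every program header in an ELF image."""
    if data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not a recognisable ELF file")
    end = "<" if data[5] == 1 else ">"          # EI_DATA: 1 = little, 2 = big endian
    if data[4] == 2:                            # EI_CLASS: 2 = ELF64
        (phoff,) = struct.unpack_from(end + "Q", data, 32)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 54)
    else:                                       # ELF32
        (phoff,) = struct.unpack_from(end + "I", data, 28)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 42)
    # p_type is the first 32-bit field of a program header in both classes.
    return [struct.unpack_from(end + "I", data, phoff + i * phentsize)[0]
            for i in range(phnum)]

def is_static(data):
    """True if the image names no interpreter (ld.so), so no host loader or libc is used.
    Static-PIE binaries carry PT_DYNAMIC but no PT_INTERP and also count as static."""
    return PT_INTERP not in program_header_types(data)

def audit_toolkit(root):
    """Map each ELF file under root (relative path) to True if static, else False."""
    results = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            if data[:4] == b"\x7fELF":          # skip scripts, READMEs, checksum lists
                results[os.path.relpath(path, root)] = is_static(data)
    return results

def sample_elf(ptypes):
    """Constructed sample: ELF64 little-endian header plus otherwise empty program headers."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    header = ident + struct.pack("<HHIQQQIHHHHHH",
                                 2, 62, 1, 0, 64, 0, 0, 64, 56, len(ptypes), 0, 0, 0)
    return header + b"".join(struct.pack("<I", t) + bytes(52) for t in ptypes)

if __name__ == "__main__":
    import sys
    for rel, ok in sorted(audit_toolkit(sys.argv[1]).items()):
        print(("static   " if ok else "DYNAMIC  ") + rel)
```

Any file reported as DYNAMIC would pull the dynamic linker and shared libraries from the machine under investigation, so rebuild or replace it before burning the disc.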
About this document:
Produced from the SGML: /home/umits/public_html/_unix_security/_reml_grp/diagnostic_forensic_tools.reml
On: 23/10/2005 at 13:29:12
Options: reml2 -i noindex -l long -o html -p multiple