Linux (CentOS, Red Hat): searching for intrusions
Hi there again.
I was looking for some advice on how to search for and detect intrusions on Red Hat systems.
I know some kinds of intrusions, such as drive-by downloads, PHP shells, and redirections to external URLs. Am I forgetting something?
Usually I check for FTP uploads and IP country, look into online website analyzers, scan websites with updated antivirus, ...
How can I detect those intrusions and malware? What tools do you use?
Thanks in advance