[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Layering an IDS on Linux - prepwork



On Sun, Aug 05, 2007 at 04:31:48PM +0200, Miloslav Trmac wrote:
> Repeated SIGABRT terminations might indicate an ongoing DoS attack, but
> isolated SIGABRT terminations need to be ignored, IMHO.

They probably want logging. You only need one attack. But you want to
log an abort/core dump of any system service/process anyway - because it
shouldn't be aborting and the dumb will be good gdb food

Alan


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]