Are there any tools that can compare the contents of a system disk against the OS installation image and show all the differences? For investigating probable break-ins.
@3draven I once wrote a script for this that compared file hashes. It turned up far more differences than I expected, so I gave up. Maybe the forensics people have something worth looking at. @ashed this gentleman knows his stuff
@kirill @ashed well, that's exactly why it needs filters :) There are a lot of things where the changes are harmless and can be discarded automatically right away. Throw in a static analyzer too. Basically something like wireshark, only for analyzing diffs.
@3draven @kirill
The Unix security audit and intrusion detection tool
Tiger is a security tool that can be used both as a security audit and intrusion detection system. It supports multiple UNIX platforms and it is free and provided under a GPL license. Unlike other tools, Tiger needs only POSIX tools and is written entirely in shell language.
https://www.nongnu.org/tiger/
TIGER has one primary goal: report ways the system’s security can be compromised.
Most of the tools are independent, but some of them rely on specialised external security tools such as John the Ripper, Chkroot and integrity check tools (like Tripwire, Integrit or Aide) to execute some tasks.
https://www.kali.org/tools/tiger/
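
An added example, not code from anyone in the thread or from Tiger: the hash comparison with noise filters discussed above, in Python. It assumes two `sha256sum`-format manifests, one taken from the mounted installation image and one from the disk under investigation; the glob list, paths and shortened digests are constructed for illustration.

```python
import fnmatch

# Assumed noise filters: paths expected to differ from a fresh install.
# Anything matched here is hidden from review, so keep the list short.
BENIGN_GLOBS = ["/var/log/*", "/var/cache/*", "/etc/machine-id", "/etc/ssh/ssh_host_*"]

# Constructed sample manifests (digests shortened for readability).
BASELINE_TEXT = """\
1111  /bin/ls
2222  /usr/sbin/sshd
3333  /etc/machine-id
4444  /usr/bin/sudo
"""
CURRENT_TEXT = """\
1111  /bin/ls
2f2f  /usr/sbin/sshd
9999  /etc/machine-id
5555  /var/log/auth.log
6666  /usr/local/bin/helper
"""

def parse_manifest(text):
    """Parse `sha256sum`-style lines ('<digest>  <path>') into {path: digest}."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        digest, path = line.split(None, 1)  # keeps spaces inside the path
        entries[path.lstrip("*").strip()] = digest.lower()  # '*' marks binary mode
    return entries

def diff_manifests(baseline, current, benign=BENIGN_GLOBS):
    """Return (findings, suppressed), each a list of (kind, path) tuples."""
    findings, suppressed = [], []
    for path in sorted(baseline.keys() | current.keys()):
        if path not in baseline:
            kind = "added"
        elif path not in current:
            kind = "removed"
        elif baseline[path] != current[path]:
            kind = "modified"
        else:
            continue
        hit = any(fnmatch.fnmatchcase(path, g) for g in benign)
        (suppressed if hit else findings).append((kind, path))
    return findings, suppressed

if __name__ == "__main__":
    found, hidden = diff_manifests(parse_manifest(BASELINE_TEXT), parse_manifest(CURRENT_TEXT))
    for kind, path in found:
        print(f"{kind:9} {path}")
    print(f"{len(hidden)} difference(s) suppressed by filters")
```

Suppressed entries are returned rather than dropped so the filter list itself can be audited.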