[ale] diagnosis

BruceG griffisb at bellsouth.net
Sat Apr 17 13:18:28 EDT 2004


On Saturday 17 April 2004 11:00, David Corbin wrote:
> I continue to have a "problem" on one of my servers, that manifests itself
> as a memory leak.  I'm convinced it was a case of being hacked, or it's a
> kernel bug.  Regardless, I'd like to track it down.  I've done what I can
> think of and what's been suggested here without success.
>
> Is there another group that might be more focused that someone can suggest
> that I can turn to for help?
>

I don't know if it will help you, but for a while (oh, about 45 minutes or so)
I was interested in Computer and Network forensics. I downloaded Local Area 
Security CD, and booted a laptop from the CD. It has some nice tools on it 
for checking servers (like Nessus). I also downloaded Knoppix-STD (a 
security-focused distribution) and Penguin Sleuth.

You may try forums dedicated to those distributions. The Knoppix-STD group 
seems to have a busier forum, but it also seems to be a script-kiddy hangout 
to a small extent.

Don't know if it helps you at all - but I did learn a lot about my network by 
probing the routers, switch and PCs using Nessus. For what it's worth, the
Local Area Security ISO (Knoppix-based) was very easy to use and has some
good tools. Knoppix-STD has a LOT more tools, and a lot more than I could
research. Penguin Sleuth has some forums, and has an ISO, but I didn't get 
that far with it.

Now that I figured out how to back up and restore my PC, I might mess a little
more with the Linux Forensics tool sets.


