Is Your e3000 Environment Secure? - HPWorld 2003
August 14, 2003
Would you know it if a hacker replaced a system file with a trojan horse?
Monitor system logging for unauthorized file open/close events
but what if a hacker disabled system logging or sanitized the log files?
Build a database of file checksums and other attributes for comparison purposes to detect file changes
Update the database after legitimate file changes
Various open source solutions – TripWire, Osiris, etc