
Security Forums


Where can I find attack logs (.bash_history)

Ipsec Espah
Posted: Fri Feb 08, 2008 3:40 pm

I'm interested in seeing exactly what attackers do on systems they break into. I've read a couple great papers here and here on compromised Red Hat 8 honeypots that have transcripts of what the attacker did. Does anyone know where I can find similar attack logs/transcripts?
BluePass
Posted: Mon Apr 21, 2008 4:44 am

I thought I'd drop by and pass you a link -- the content is pretty old, but it's the only thing I know of that will show you attack logs. I know your post is pretty old too, but I was looking through the forums and found your post, so I decided I'd share this with you, if you don't already know about it.

They are supposed to be transcripts of Kevin Mitnick's online sessions, recorded by Tsutomu Shimomura. There are a few good hours' worth of transcripts so they should last you for a while. You can find them here.

However, I do want to say that if you intend to use this to teach yourself about the techniques used by hackers, it is not really the best way to go. In fact I can't really imagine a best way to go about this. There will always be new methods of exploitation and different exploits. The same thing will happen with the tools used for cleaning the logs on a system, as I doubt many hackers will do it manually. And again, the same story for backdoors, rootkits, and anything else an attacker would want to install on a victim's machine.

Finally, you should realize that the majority of the attacks that do happen to personal computers are probably just a kid trying to up the count of zombie machines in his botnet. Their tools and techniques will usually be standard and they will grab whatever they can -- that is if you're not the one downloading and installing their malware, unaware of what you're doing. That will obviously differ from a bunch of hackers who one day decide to try to hack into a specific bank, in which case their techniques will change with the amount of security that bank uses.

Enjoy the transcripts. If you tell me more about what you're trying to do, I may be able to point you in the right direction.
All times are GMT + 2 Hours