mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-04 22:33:27 +00:00
8b129ae903
compromised hosts. RID can remotely detect Stacheldraht, TFN, Trinoo and TFN2k if the attacker did not change the default ports.
13 lines
608 B
Plaintext
13 lines
608 B
Plaintext
RID - Remote Intrusion Detection
|
|
--------------------------------
|
|
RID is a configurable tool which uses intrusion fingerprints to track down
|
|
compromised hosts. RID can remotely detect Stacheldraht, TFN, Trinoo and TFN2k
|
|
if the attacker did not change the default ports.
|
|
|
|
After a compromise, this information can often be turned into a "fingerprint"
|
|
of the intrusion. RID is designed to be capable of accurately specifying this
|
|
"fingerprint" with little knowledge of network programming.
|
|
|
|
RID is based off an extension of ngrep (network grep). It is different because
|
|
it extends ngrep into a probing tool.
|