Monday, May 9, 2011

Analyzing a Compromised Linux Server With Volatility

Challenge 7 of the Forensic Challenge 2011 from the Honeynet Project is a good opportunity to use Volatility to analyse a compromised Linux server.

The image and memory dump seem to show a possible compromise via an unpatched vulnerability in Exim (CVE-2010-4345).
