Dead Linux Machines Do Tell Tales

It was in January of 2002 when we finally recognized the signs of disaster - the IDS told of anomalous activity on port 22 both inbound and out. Where there was little or no traffic before, we now see dozens of SSH connections to (and from) various foreign nations. We didn't know what they were...
James Fung
May 15, 2013

All papers are copyrighted. No re-posting of papers is permitted