watching attackers attack - how

Discussion in 'other security issues & news' started by lunarlander, Feb 4, 2017.

  1. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    Hi,

    I remember seeing a bashrc configuration a long time ago, that allows one to log all the commands issued and lets the admin see what an attacker is doing. Is this possible in Windows? How else can we observe what an attacker is doing other than to check if our defenses are functional ?
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,591
    Location:
    U.S.A.
  3. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    Do I need to do wireshark using a router/switch mirror/span machine? Or is it OK to run wireshark on the affected/attacked machine ?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.