Steps for Recovering from a UNIX or NT System Compromise

Abstract

This document sets out suggested steps for responding to a UNIX or NT system compromise. Note that all actions taken during your recovery from a system compromise should be in accordance with your organization's policies and procedures. Note that the CERT Coordination Center and AusCERT (Australian Computer Emergency Response Team) are involved in providing technical assistance and facilitating communications in response to computer security incidents involving hosts on the Internet. We do not have legal expertise and cannot offer legal advice or opinions. For legal advice, we recommend that you consult with your legal counsel. Your legal counsel can provide you with legal options (both civil and criminal) and courses of action based on you or your organization's needs.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2017
Accession Number
AD1146053

Entities

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Commerce
  • Computer Programming
  • Computers
  • Cybersecurity
  • Denial Of Service Attack
  • Department Of Defense
  • Detection
  • Directories
  • Emergencies
  • Emergency Response
  • Internet
  • Law
  • Law Enforcement
  • Operating Systems
  • Security
  • Software Development
  • System Software
  • Trojan Horse

Readers

  • Emergency Management and Homeland Security.
  • Organizational Process Management (OPM).
  • Political Violence and Terrorism Studies.

Technology Areas

  • Cyber