BestHub
Sign in
Tagged articles
45 articles
Page 1 of 1
MaGe Linux Operations
MaGe Linux Operations
Mar 4, 2026 · Information Security

Master Linux Intrusion Detection & Incident Response: A Practical Hands‑On Guide

This comprehensive guide walks you through building a layered Linux intrusion detection system, configuring host‑based tools such as AIDE, rkhunter, and auditd, automating security audits, performing forensic investigations, and executing a six‑step incident response workflow to detect, contain, and remediate attacks effectively.

AIDEAuditdForensics
0 likes · 59 min read
Master Linux Intrusion Detection & Incident Response: A Practical Hands‑On Guide
Black & White Path
Black & White Path
Feb 11, 2026 · Information Security

Linux Intrusion Checklist: Detect Hacker Activity with a Single Script

The article introduces Linux_checklist.sh, a script that audits a Linux system for signs of compromise—including network sniffing, deleted‑file processes, tampered binaries, unauthorized SSH keys, malicious cron jobs, resource abuse, privilege anomalies, persistence mechanisms, file integrity issues, and suspicious log activity—while warning that its output contains sensitive data.

ForensicsLinuxSecurity
0 likes · 6 min read
Linux Intrusion Checklist: Detect Hacker Activity with a Single Script
Raymond Ops
Raymond Ops
Jan 15, 2026 · Information Security

Master Linux Server Intrusion Detection & Response: A Complete Practical Guide

This guide walks Linux administrators through a full‑cycle intrusion detection and emergency response process, covering metric monitoring, log analysis, file integrity checks, attack confirmation, staged remediation, preventive hardening, and useful automation scripts to keep servers secure.

AutomationLinuxSecurity
0 likes · 16 min read
Master Linux Server Intrusion Detection & Response: A Complete Practical Guide
Ops Community
Ops Community
Dec 21, 2025 · Information Security

How to Investigate and Harden a Compromised Linux Server: Real-World Case Study

This guide walks through a real incident where a Linux server was hijacked by a mining virus, detailing step‑by‑step emergency response, systematic forensic investigation, cleanup procedures, and hardening measures to prevent future breaches, complete with scripts and best‑practice recommendations.

LinuxRootkitServer Hardening
0 likes · 26 min read
How to Investigate and Harden a Compromised Linux Server: Real-World Case Study
Liangxu Linux
Liangxu Linux
Oct 26, 2025 · Information Security

Master Linux Server Intrusion Detection & Rapid Incident Response: A Complete Hands‑On Guide

This comprehensive guide walks Linux administrators through early detection of system anomalies, detailed log analysis, file‑integrity checks, intrusion confirmation, step‑by‑step emergency response, system hardening, preventive monitoring, and essential open‑source security tools, all illustrated with ready‑to‑run Bash scripts.

LinuxSecurity Scriptsincident response
0 likes · 17 min read
Master Linux Server Intrusion Detection & Rapid Incident Response: A Complete Hands‑On Guide
AntTech
AntTech
Sep 16, 2025 · Information Security

How Ant Group’s Aspect‑Fusion Intelligence Revolutionizes Cybersecurity Threat Detection

Ant Group’s award‑winning ‘Aspect Fusion Intelligence’ system, unveiled at the 2025 Zhejiang Cybersecurity Promotion Week, leverages AI, large models, blockchain and zero‑trust principles to tackle trillion‑scale data, rapid threat response, and financial‑grade reliability, setting new standards for intrusion detection.

AIZero Trustcybersecurity
0 likes · 5 min read
How Ant Group’s Aspect‑Fusion Intelligence Revolutionizes Cybersecurity Threat Detection
MaGe Linux Operations
MaGe Linux Operations
Aug 20, 2025 · Information Security

Master Linux Intrusion Detection & Response: A Complete Hands‑On Guide

Learn how to detect, analyze, and remediate Linux server compromises with practical monitoring scripts, log analysis techniques, file integrity checks, and step‑by‑step emergency response procedures, covering early detection, incident investigation, system hardening, and preventive measures to safeguard your infrastructure.

Sysadminintrusion detection
0 likes · 16 min read
Master Linux Intrusion Detection & Response: A Complete Hands‑On Guide
Ops Development & AI Practice
Ops Development & AI Practice
Jul 4, 2025 · Information Security

Proactive Intrusion Detection for Financial Systems with AWS CloudTrail & EventBridge

This guide walks through designing and implementing a proactive, real‑time intrusion detection solution for financial systems by leveraging AWS CloudTrail to capture API activity and EventBridge to trigger alerts and automated responses, covering high‑risk IAM actions, network changes, and best‑practice rule configurations.

AWSCloudTrailEventBridge
0 likes · 10 min read
Proactive Intrusion Detection for Financial Systems with AWS CloudTrail & EventBridge
Ops Community
Ops Community
Jul 4, 2025 · Information Security

Master Enterprise Linux Security Hardening: From Basics to Advanced

This comprehensive guide walks you through essential Linux security hardening steps—including system updates, service disabling, password policies, SSH configuration, firewall rules, intrusion detection, file integrity monitoring, log auditing, automation scripts, and emergency response—to help enterprises build a resilient and continuously protected infrastructure.

AutomationLinuxSSH
0 likes · 9 min read
Master Enterprise Linux Security Hardening: From Basics to Advanced
MaGe Linux Operations
MaGe Linux Operations
May 21, 2025 · Information Security

Comprehensive Linux Intrusion Detection Checklist: Spot Hackers Fast

This guide walks you through a step‑by‑step Linux intrusion detection process, covering account audits, log analysis, process inspection, system file checks, scheduled task reviews, and historical command examinations, each illustrated with clear screenshots to help you quickly identify potential compromises.

Account AuditSecurityintrusion detection
0 likes · 5 min read
Comprehensive Linux Intrusion Detection Checklist: Spot Hackers Fast
Raymond Ops
Raymond Ops
Dec 26, 2024 · Information Security

How to Detect and Recover from a Linux Server Intrusion: A Step‑by‑Step Guide

This article details a real‑world Linux server breach, describing the symptoms, investigative commands, log analysis, malicious script removal, file attribute unlocking, and practical remediation steps, while highlighting key lessons and preventive measures for future security.

LinuxRootkit RemovalServer Security
0 likes · 16 min read
How to Detect and Recover from a Linux Server Intrusion: A Step‑by‑Step Guide
Java High-Performance Architecture
Java High-Performance Architecture
Mar 21, 2023 · Information Security

How to Detect and Recover from a Compromised Linux Server: Step‑by‑Step Guide

A detailed walkthrough of a recent Linux server breach shows how attackers hijacked system utilities, inserted hidden scripts, and leveraged LD_PRELOAD, while the remediation steps cover log analysis, SSH hardening, file attribute restoration, cron cleanup, and key lessons for future hardening.

LinuxRootkit RemovalServer Security
0 likes · 15 min read
How to Detect and Recover from a Compromised Linux Server: Step‑by‑Step Guide
AntTech
AntTech
Nov 28, 2022 · Information Security

Ant Group Anti‑Intrusion Platform: Architecture, Trillion‑Scale Detection, Risk Assessment, and Automated Response

This article details the evolution, architecture, and key technologies of Ant Group's anti‑intrusion platform, explaining how it handles trillion‑level data streams for intrusion detection, performs multi‑dimensional risk assessment and attribution, and enables rapid, automated security incident response across massive enterprise environments.

anti-intrusioninformation securityintrusion detection
0 likes · 15 min read
Ant Group Anti‑Intrusion Platform: Architecture, Trillion‑Scale Detection, Risk Assessment, and Automated Response
Efficient Ops
Efficient Ops
Nov 20, 2022 · Information Security

How to Detect and Recover from Linux Server Intrusions: Essential Checks

This guide outlines eleven practical steps for Linux system administrators to identify signs of compromise—such as missing logs, altered password files, unusual login activity, abnormal traffic, and deleted files—and provides command examples for detection and recovery.

File RecoveryLinuxSecurity
0 likes · 7 min read
How to Detect and Recover from Linux Server Intrusions: Essential Checks
Architecture Digest
Architecture Digest
Oct 8, 2022 · Information Security

Server Intrusion Investigation and Remediation Steps on a Linux Host

This article documents a real‑world Linux server compromise, detailing the observed symptoms, forensic commands, malicious scripts, file‑locking tricks, and a step‑by‑step remediation process including SSH hardening, cron cleanup, chattr usage, and preventive security recommendations.

LinuxRootkitServer Security
0 likes · 15 min read
Server Intrusion Investigation and Remediation Steps on a Linux Host
MaGe Linux Operations
MaGe Linux Operations
Sep 27, 2022 · Information Security

Understanding Network Security: Threats, Encryption, and Defense Mechanisms

This article provides a comprehensive overview of network security, covering passive and active threats, cryptographic models, digital signatures, authentication methods, key distribution, firewalls, and intrusion detection systems, highlighting essential concepts and practical defenses.

Firewallscryptographydigital signatures
0 likes · 14 min read
Understanding Network Security: Threats, Encryption, and Defense Mechanisms
Architects' Tech Alliance
Architects' Tech Alliance
Jun 16, 2022 · Information Security

Host Security Capability Construction Guide: Key Capabilities, Industry Priorities, and Implementation Process

The Host Security Capability Construction Guide analyzes evolving threats, categorizes security capabilities into basic, enhanced, and advanced levels, details industry-specific priority requirements, and outlines a comprehensive construction and evaluation process to help enterprises select appropriate solutions and build an effective host security framework.

Host Securityasset inventorycompliance
0 likes · 12 min read
Host Security Capability Construction Guide: Key Capabilities, Industry Priorities, and Implementation Process
Alibaba Cloud Infrastructure
Alibaba Cloud Infrastructure
May 31, 2022 · Information Security

Fidas: FPGA‑Based Comprehensive Offloading for Cloud Intrusion Detection (ISCA 2022 Full‑Score Paper)

The ISCA 2022 full‑score paper “Fidas: Fortifying the Cloud via Comprehensive FPGA‑based Offloading for Intrusion Detection” presents a novel FPGA‑accelerated IDS architecture that jointly offloads regex matching and traffic classification, achieving high flexibility, rapid rule updates, balanced load, and line‑rate performance in cloud data centers.

FPGAHardware accelerationISCA
0 likes · 7 min read
Fidas: FPGA‑Based Comprehensive Offloading for Cloud Intrusion Detection (ISCA 2022 Full‑Score Paper)
Python Crawling & Data Mining
Python Crawling & Data Mining
Jul 28, 2021 · Information Security

Essential Network Security Tools: A Comprehensive Beginner's Guide

This article presents a curated list of network security utilities—including anti‑malware, scanners, encryption, IDS, port scanners, exploit frameworks, monitoring, proxies, wireless, rootkit detectors, and packet sniffers—each with brief descriptions and download links for aspiring security practitioners.

intrusion detectionnetwork securitypacket sniffing
0 likes · 17 min read
Essential Network Security Tools: A Comprehensive Beginner's Guide
Efficient Ops
Efficient Ops
Apr 5, 2021 · Information Security

Essential Linux Account Security & Intrusion Investigation Checklist

This guide explains how to secure Linux accounts, examine critical system files, use command‑line tools to monitor logins, detect suspicious activity, analyze logs, and investigate potential intrusions, providing practical steps for administrators to harden and audit their servers.

Linuxaccount securityintrusion detection
0 likes · 13 min read
Essential Linux Account Security & Intrusion Investigation Checklist
Open Source Linux
Open Source Linux
Jan 25, 2021 · Information Security

How to Detect and Recover from Linux Server Intrusions: Essential Commands and Techniques

This guide walks Linux operations engineers through common signs of a compromised host—such as missing logs, altered password files, unexpected login events, and deleted critical files—and provides concrete command‑line techniques for detection, investigation, and recovery using tools like ll, du, lastlog, who, lsof, and tcpdump.

File RecoveryLinuxSecurity
0 likes · 14 min read
How to Detect and Recover from Linux Server Intrusions: Essential Commands and Techniques
Liangxu Linux
Liangxu Linux
Jan 10, 2021 · Information Security

Essential Linux Account Security and Intrusion Detection Checklist

This guide provides a comprehensive, step‑by‑step walkthrough of Linux account security, user and shadow file inspection, login record analysis, process and startup script examination, cron job auditing, file integrity searches, and log‑based intrusion detection using practical commands and examples.

LinuxShell Commandsaccount security
0 likes · 17 min read
Essential Linux Account Security and Intrusion Detection Checklist
MaGe Linux Operations
MaGe Linux Operations
Dec 23, 2020 · Information Security

Essential Linux Account Security & Intrusion Detection Checklist

This guide details Linux account security fundamentals, including critical system files, user and privilege inspection commands, login monitoring, intrusion investigation techniques, startup script analysis, cron job auditing, file searching methods, process inspection, and log file examination to help secure and troubleshoot Linux servers.

LinuxShell Commandsaccount security
0 likes · 17 min read
Essential Linux Account Security & Intrusion Detection Checklist
Huolala Tech
Huolala Tech
Nov 3, 2020 · Information Security

Real-Time Linux Process Auditing with Netlink Connector and ncp

This article explains how the Linux netlink connector, together with a lightweight user‑space ncp program, can audit all process events in real time, enabling detailed host security monitoring, detection of intrusion behaviors such as reverse shells, and reconstruction of attack chains through captured exec, fork, and exit data.

ConnectorHost SecurityLinux
0 likes · 12 min read
Real-Time Linux Process Auditing with Netlink Connector and ncp
Meituan Technology Team
Meituan Technology Team
Sep 30, 2020 · Information Security

Security Control Algorithms for Cyber‑Physical Systems

Professor Mo Yilin explained that securing cyber‑physical systems—such as autonomous vehicles and smart grids—requires a multi‑layered approach combining control‑theoretic redundancy, active watermark‑based intrusion detection, resilient estimation, and data‑driven design to maintain safe operation despite networked attacks and replay threats, ensuring reliability of critical infrastructure.

ResilienceSecuritycontrol algorithms
0 likes · 25 min read
Security Control Algorithms for Cyber‑Physical Systems
21CTO
21CTO
Feb 24, 2020 · Information Security

Top 10 Open‑Source Security Tools Every Professional Should Know

This article introduces ten essential open‑source security tools—including Nessus, Snort, Nagios, Ettercap, Infection Monkey, Delta, Cuckoo Sandbox, The Sleuth Kit, Lynis, and Certbot—detailing their main features, licensing models, and typical use cases for vulnerability scanning, intrusion detection, network monitoring, and forensic analysis.

Network Monitoringdigital forensicsencryption
0 likes · 9 min read
Top 10 Open‑Source Security Tools Every Professional Should Know
UCloud Tech
UCloud Tech
Nov 26, 2019 · Information Security

Uncover the Top Cloud Security Threats and Proven Defense Strategies

This article outlines the most common cloud computing security risks—including DDoS, CC, web application, host intrusion, data leakage, site hijacking, and insider leaks—then presents corresponding cloud security services such as anti‑DDoS cleaning, intrusion detection, and advanced protection features to help safeguard cloud assets.

DDoS protectionintrusion detectionrisk mitigation
0 likes · 7 min read
Uncover the Top Cloud Security Threats and Proven Defense Strategies
HomeTech
HomeTech
Jul 31, 2019 · Information Security

Enterprise Intrusion Detection System Architecture and Feature Overview

This document outlines the background, challenges, and a comprehensive enterprise intrusion detection solution that combines host‑based and network‑based monitoring, automated CVE and GitHub leak collection, a modular agent‑middle‑display architecture, and future plans for multi‑dimensional threat modeling to enhance preventive security capabilities.

CVE collectionSOCasset visualization
0 likes · 10 min read
Enterprise Intrusion Detection System Architecture and Feature Overview
Liangxu Linux
Liangxu Linux
Mar 11, 2019 · Information Security

How to Detect and Recover From Linux Server Intrusions: Practical Steps

This guide outlines ten practical methods for Linux administrators to identify compromised machines on CentOS, including log inspection, checking /etc/passwd and /etc/shadow, analyzing login records, monitoring network traffic, and using lsof to recover deleted log files, with step‑by‑step commands and examples.

File Recoveryintrusion detectionlog analysis
0 likes · 7 min read
How to Detect and Recover From Linux Server Intrusions: Practical Steps
Meituan Technology Team
Meituan Technology Team
Nov 8, 2018 · Information Security

Intrusion Detection: Concepts, Challenges, and Best Practices

Effective intrusion detection for large enterprises hinges on combining signature‑based pattern matching with baseline anomaly modeling, gathering comprehensive host and network logs, focusing on the GetShell foothold, managing alert fatigue, and integrating AI‑enhanced feature engineering while maintaining robust operational foundations and continuous expertise development.

AISecurity Operationscybersecurity
0 likes · 31 min read
Intrusion Detection: Concepts, Challenges, and Best Practices
MaGe Linux Operations
MaGe Linux Operations
Jan 12, 2018 · Information Security

How to Detect If Your UNIX Server Has Been Compromised: 11 Practical Checks

This guide walks through eleven hands‑on techniques for uncovering UNIX or Solaris intrusions, from inspecting password files and processes to verifying daemon configurations, network sockets, logs, core dumps, hidden files, file integrity, kernel modules, and the limits of manual detection versus IDS solutions.

Network Monitoringintrusion detectionkernel integrity
0 likes · 14 min read
How to Detect If Your UNIX Server Has Been Compromised: 11 Practical Checks
Efficient Ops
Efficient Ops
May 11, 2017 · Information Security

Mastering Linux Security: Real‑World Attack Vectors and Defense Strategies

This article shares practical insights from a security director at YY Live, detailing the complex Linux security landscape, common vulnerabilities, real‑world attack techniques such as Redis abuse and privilege escalation, and a multi‑layered defense approach that balances rapid business iteration with robust protection.

DDoS mitigationLinux securityVulnerability Management
0 likes · 21 min read
Mastering Linux Security: Real‑World Attack Vectors and Defense Strategies