All,
I have been googling around for different guides on what files to monitor that people would edit for malicious intent. In my readings so far, i have found the common files people edit.
so far i have found:
- /etc/hosts
- ufw config files
- /bin/login
what other files do you guys monitor actively and why?
Thanks in advance!
-tsnm
Bookmarks