Re: BIND exploited ?

To: Thedore Knab <tjk@annapolislinux.org>, debian-isp@lists.debian.org
Subject: Re: BIND exploited ?
From: Russell Coker <russell@coker.com.au>
Date: Fri, 4 Jan 2002 13:01:42 +0100
Message-id: <[🔎] 20020104151620.F064B372DB9@lyta.coker.com.au>
Reply-to: Russell Coker <russell@coker.com.au>
In-reply-to: <[🔎] 20020104021646.GA24501@annapolislinux.org>
References: <[🔎] 20020104021646.GA24501@annapolislinux.org>

On Fri, 4 Jan 2002 03:16, Thedore Knab wrote:
>  Where do I go from here ?

Buy new hard drives, install them and install the latest version of your 
favourite distribution and configure it in a secure fashion.  Make sure that 
all passwords are different.

Trying to remove root-kits etc might be fun if you're running a "honeypot" 
system, but if you are running a business or some other organization that has 
aims other than playing with Linux machines then a complete re-install is the 
best option.  Otherwise you'll just end up playing cat-and-mouse with the 
cracker, and they'll probably start randomly deleting data files when they 
start losing.

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page

Reply to:

Follow-Ups:
- Re: BIND exploited ?
  - From: Andy Bastien <lists@yuggoth.net>

References:
- BIND exploited ?
  - From: Thedore Knab <tjk@annapolislinux.org>

Prev by Date: Re: Apache cgi-bin for users
Next by Date: Re: BIND exploited ?
Previous by thread: Re: BIND exploited ?
Next by thread: Re: BIND exploited ?
Index(es):
- Date
- Thread