Re: was I cracked? (rpc.statd, new version)
hi ya stig...
yes... that too...
but i think that one should do some checking/digging
BEFORE reinstalling ...
- one should know how they got in...
- one should know "why" they got in..
- one should know what time they got in...
- one should know what files they added and which was modified
- one should know "how to prevent it" the next time
- one should know if they got into any other pcs on the lan
- than reinstall it if needed
- and more importantly... apply all the patches
but i consider a reinstall the equivalent of a windoze reboot
unless the above major issues are answered first or at least
attempted to look at what happen first... than re-install and patch
c ya
alvin
On 11 Jul 2001, Stig Brautaset wrote:
> > you have to check the filesize of the binaries... not just the date...
> > compared to one that you know is NOT compromized...
> > and if you really paranoid...run some tests on it..
> >
>
> No, if you really are paranoid you just reinstall it.
>
>
> Cheers, Stig
> --
> 23:58:03 up 11 days, 17:25, 3 users, load average: 0.01, 0.03, 0.00
>
Reply to: