Re: Script to System Check Integrity against Debian Package Repository

To: debian-security@lists.debian.org
Subject: Re: Script to System Check Integrity against Debian Package Repository
From: Paul Wise <pabs@debian.org>
Date: Wed, 18 Sep 2013 09:47:27 +0200
Message-id: <[🔎] CAKTje6FMijxYs09WMH=wJe4DUQWWDvQRm9PNwwitnAr5HxR=GA@mail.gmail.com>
In-reply-to: <[🔎] 52395812.9090409@etorok.net>
References: <[🔎] 5238A34E.6040608@riseup.net> <[🔎] 52395812.9090409@etorok.net>

On Wed, Sep 18, 2013 at 9:36 AM, Török Edwin wrote:

> Why not just reinstall from a trusted source, then restore /etc, /home and /var from backups
> and audit the changes introduced by that only?

That is a slightly short-sighted way to do it; if you restore from
scratch without doing any forensics you won't know which methods your
attackers used and how you can defend yourself from them after you
have restored the system from scratch. Perhaps they will attack you
again soon afterwards.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

Follow-Ups:
- Re: Script to System Check Integrity against Debian Package Repository
  - From: adrelanos <adrelanos@riseup.net>
- Re: Script to System Check Integrity against Debian Package Repository
  - From: Marko Randjelovic <markoran@eunet.rs>
- Re: Script to System Check Integrity against Debian Package Repository
  - From: Marko Randjelovic <markoran@eunet.rs>

References:
- Script to System Check Integrity against Debian Package Repository
  - From: adrelanos <adrelanos@riseup.net>
- Re: Script to System Check Integrity against Debian Package Repository
  - From: Török Edwin <edwin+ml-debian@etorok.net>

Prev by Date: Re: Script to System Check Integrity against Debian Package Repository
Next by Date: Re: Script to System Check Integrity against Debian Package Repository
Previous by thread: Re: Script to System Check Integrity against Debian Package Repository
Next by thread: Re: Script to System Check Integrity against Debian Package Repository
Index(es):
- Date
- Thread