Re: Script to System Check Integrity against Debian Package Repository

To: debian-security@lists.debian.org
Subject: Re: Script to System Check Integrity against Debian Package Repository
From: adrelanos <adrelanos@riseup.net>
Date: Wed, 18 Sep 2013 14:49:39 +0000
Message-id: <[🔎] 5239BD83.7050808@riseup.net>
In-reply-to: <[🔎] CAKTje6FMijxYs09WMH=wJe4DUQWWDvQRm9PNwwitnAr5HxR=GA@mail.gmail.com>
References: <[🔎] 5238A34E.6040608@riseup.net> <[🔎] 52395812.9090409@etorok.net> <[🔎] CAKTje6FMijxYs09WMH=wJe4DUQWWDvQRm9PNwwitnAr5HxR=GA@mail.gmail.com>

Paul Wise:
> On Wed, Sep 18, 2013 at 9:36 AM, Török Edwin wrote:
> 
>> Why not just reinstall from a trusted source, then restore /etc, /home and /var from backups
>> and audit the changes introduced by that only?
> 
> That is a slightly short-sighted way to do it; if you restore from
> scratch without doing any forensics you won't know which methods your
> attackers used and how you can defend yourself from them after you
> have restored the system from scratch. Perhaps they will attack you
> again soon afterwards.
> 

I didn't have that argument in mind, but I am happy to read it.

Reply to:

References:
- Script to System Check Integrity against Debian Package Repository
  - From: adrelanos <adrelanos@riseup.net>
- Re: Script to System Check Integrity against Debian Package Repository
  - From: Török Edwin <edwin+ml-debian@etorok.net>
- Re: Script to System Check Integrity against Debian Package Repository
  - From: Paul Wise <pabs@debian.org>

Prev by Date: AUTO: Thomas Sinka ist außer Haus (Rückkehr am 01.10.2013)
Next by Date: Re: Script to System Check Integrity against Debian Package Repository
Previous by thread: Re: Script to System Check Integrity against Debian Package Repository
Next by thread: Re: Script to System Check Integrity against Debian Package Repository
Index(es):
- Date
- Thread