[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hacked, then intrusion detection system

mgriffa writes;
> is there any way to full re-install the system from inside? like apt-get

If the machine has been cracked you cannot trust any executable on it
(including the kernel).  You can salvage your data and your config files
(if you audit them).  Fist thing to do is get the machine off the Net: if
it has been cracked it is being used to attack other machines.  You can use
'dpkg --get-selections > selections' and 'dpkg --set-selections < selections'
to set up your new system like the old one.  Man dpkg.

John Hasler
john@dhh.gt.org (John Hasler)
Dancing Horse Hill
Elmwood, WI

Reply to: