Re: debian 2.0: some intruder broke in - backups/tracking
On Thu, 20 Mar 2003, Paul Johnson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, Mar 20, 2003 at 02:27:06PM +0000, Jan Andrzej wrote:
> > Some intruder broke in (cracked in) debian 2.0
> > system.
>
> Why weren't you using a version that's still actively maintained with
> security updates in the first place?
people learn best the hard way or when its time for a new lesson for the
day/week/month ??
- btw .. assuming that backups is "clean" is an extreme bad idea ..
- when you reinstall your new system and reinstall your data
from backups .. you have a high probability that you can
reinstall the [h/cr]ackers trojans and back doors
- if you dont know how they got in ..
- they'll get in again if you didnt change anything
from the "generic install methodologies"
- do it better/faster/differently/more securely this time ...
- it would be nice to get hold of that disk to see
- who the [h/cr]acker was
- where they came in from
- how they got in and how many times they got in
- what files they changed
- how long they been sitting there watching your network
- where else did they poke around in your lan and on the net
- .. blah .. blah ..
- than get a court order to seize their PC as evidence
for "computer crimes" against your PCs
c ya
alvin
Reply to: