Re: Verify programs

To: debian-user@lists.debian.org
Subject: Re: Verify programs
From: Paul Johnson <baloo@ursine.ca>
Date: Mon, 25 Aug 2003 03:14:39 -0700
Message-id: <[🔎] 20030825101439.GB13181@ursine.ca>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.56.0308251128510.15891@chimay>
References: <[🔎] Pine.LNX.4.56.0308251128510.15891@chimay>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Aug 25, 2003 at 11:34:35AM +0200, Bas Benschop wrote:
> Hello,
> 
> This weekend several systems at our site were hacked. In /var/spool/.test/
> several programs were installed, log, pscan, x and xscan.
> 
> Also some system utilities were replaced with older versions. Is it
> possible to check the versions of programs and compare them with the
> versions in the package database?

Yup.  It's entirely possible you will never know exactly what
happened.  Your best bet is to fdisk, format and reinstall after being
compromised, restoring user data from a backup before the compromise.

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/SeGPUzgNqloQMwcRAvWsAKCMVzIlqc+ziunw/ha3wK/ZWisgywCfUAlA
PBKRN1nx+z4jJaG4jA0X3pc=
=Jojc
-----END PGP SIGNATURE-----

Reply to:

References:
- Verify programs
  - From: Bas Benschop <b.benschop@tn.utwente.nl>

Prev by Date: Re: Help me please with TAR
Next by Date: Re: Verify programs
Previous by thread: Verify programs
Next by thread: Re: Verify programs
Index(es):
- Date
- Thread