Re: Re: Is my system compromised
On Sat, Feb 04, 2006 at 09:47:38PM -0500, Carl Fink wrote:
> Remove the hard drive(s). Mount on another system and recover data BUT NOT
> PROGRAMS.
>
> Put the drives back in and boot from a known clean Debian CD. Reinstall
> Debian and your programs. Lock everything down using the Debian security
> tips at <http://www.debian.org/security/>.
>
> Once you're rooted, this is way easier and more effective than trying to fix
> things.
Agreed.
However, finding the reason why, and how, would save us all from
a similar fate; at least it would spread the knowledge.
After you've determined you've been compromised, or feel like you
might have been but cannot determine why/how, the only way to
guarantee a pristine system is to do a fresh install.
Then secure your box (per the link above).
Todd.