On Vi, 25 feb 11, 12:42:51, Sjoerd Hardeman wrote:But there is no 100% way to tell the machine is clean, so you will have
> The fact that a compromised user account = a compromised machine is
> of course very true. However, when detected it might be that the
> attacker did not manage yet to get root permissions. Thus, it buys
> some time.
to wipe and reinstall anyway.