Re: Possible comprommission, what to do ?
On 11/13/2014 10:00 AM, Erwan David wrote:
[...]
> However, I'd prefer be sure my server was not compromised, and at the
> lower possibe cost (in time and work). Is there a way to check the
> packages/installed files from outside sources (I may boot a fresh live
> system in order to have clean utilities), or even provoke a reinstall
> with a new download of the whole system ?
You might want to have a look at the "Securing Debian Manual
Chapter 11 - After the compromise (incident response)" [1].
Cheers,
Simon
[1]
https://www.debian.org/doc/manuals/securing-debian-howto/ch-after-compromise.en.html
Reply to: