Re: Possible comprommission, what to do ?
On 11/13/2014 10:00 AM, Erwan David wrote:
> However, I'd prefer be sure my server was not compromised, and at the
> lower possibe cost (in time and work). Is there a way to check the
> packages/installed files from outside sources (I may boot a fresh live
> system in order to have clean utilities), or even provoke a reinstall
> with a new download of the whole system ?
You might want to have a look at the "Securing Debian Manual
Chapter 11 - After the compromise (incident response)" .