Re: Possible comprommission, what to do ?

To: debian-user@lists.debian.org
Subject: Re: Possible comprommission, what to do ?
From: Simon Brandmair <sbrandmair@gmx.net>
Date: Thu, 13 Nov 2014 19:11:53 +0100
Message-id: <[🔎] m42s9a$dm1$1@news.albasani.net>
In-reply-to: <olYpY-27R-29@gated-at.bofh.it>
References: <[🔎] 20141113085748.GH2981@rail.eu.org>

On 11/13/2014 10:00 AM, Erwan David wrote:
[...]
> However, I'd prefer be sure my server was not compromised, and at the
> lower possibe cost (in time and work). Is there a way to check the
> packages/installed files from outside sources (I may boot a fresh live
> system in order to have clean utilities), or even provoke a reinstall
> with a new download of the whole system ?

You might want to have a look at the "Securing Debian Manual
Chapter 11 - After the compromise (incident response)" [1].

Cheers,
Simon


[1]
https://www.debian.org/doc/manuals/securing-debian-howto/ch-after-compromise.en.html

Reply to:

References:
- Possible comprommission, what to do ?
  - From: Erwan David <erwan@rail.eu.org>

Prev by Date: Re: Ctrl-Alt-F12 to show Kernel messages
Next by Date: Re: advice on choosing an AMD chipset
Previous by thread: Re: Possible comprommission, what to do ?
Next by thread: Ctrl-Alt-F12 to show Kernel messages
Index(es):
- Date
- Thread