ACK! How to fix a compromised system?
Hanasaki JiJi
hanasaki at hanaden.com
Sun Apr 20 02:59:23 CDT 2003
What are signs to look for in a compromised system?
Dustin Decker wrote:
> On Sat, 19 Apr 2003, Bradley Miller wrote:
>
>
>>I've got a box that someone put a "toolz" kit on yesterday. Any ideas on
>>how to cleanse the beast?
>
>
> Well... if you want to be able to really "trust" that host again, you
> really need to wipe the drive, install your os, and restore a backup.
> Root-kits tend to leave more backdoors in place than imaginable - finding
> them all is a pain.
>
> Find out, however, how they got in. Otherwise, even on a new install,
> they'll be back. :)
> D.
>
--
= Management is doing things right; leadership is doing the =
= right things. - Peter Drucker =
=_______________________________________________________________=
= http://www.sun.com/service/sunps/jdc/javacenter.pdf =
= www.sun.com | www.javasoft.com | http://wwws.sun.com/sunone =
More information about the Kclug
mailing list