rootkit?
Gene Heskett
gene.heskett at verizon.net
Sun Dec 11 14:42:13 UTC 2005
On Sunday 11 December 2005 01:16, Scot L. Harris wrote:
>On Sun, 2005-12-11 at 00:59, Kam Leo wrote:
>> Isn't rebuilding a little extreme? If the cracker got into an
>> unpriviledged user's account and no further isn't that particular
>> user account the only thing at risk? Shouldn't changing all
>> passwords to strong ones and deleting the infected user account and
>> files be sufficient?
>
>How can you be sure they did not crack the root account and bury code
> on the system to maintain control? Or crack other user accounts?
>
>If you take half measures and the system is compromised again you may
>not know how or when it happened. And if the cracker gets pissed
> that you deleted his spam software he might use your system for
> other purposes or cause other damage before you can get it cleaned
> out.
>
>Hopefully his son learned from this why strong passwords are needed.
Yeah, when I heard what his sons pw was, it blew me away. Beyond dumb
even. I had given Jim a set of FC4.2 cd's a couple of weeks ago, so
this really does sound like a good excuse to blow FC3 away and install
FC4.2 from scratch. Its a dual boot box cause linux support for audio
studio editing still sucks & he is also a musician/author. The
windows apps for that Just Work(TM).
--
Cheers, Gene
People having trouble with vz bouncing email to me should use this
address: <gene.heskett at verizononline.net> which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
More information about the fedora-list
mailing list