SELinux last straw
Jacques B.
jjrboucher at gmail.com
Thu Oct 18 00:35:17 UTC 2007
On 10/17/07, Jacques B. <jjrboucher at gmail.com> wrote:
> On 10/17/07, Les Mikesell <lesmikesell at gmail.com> wrote:
> > Jacques B. wrote:
> > >
> > > You can't honestly suggest that there should be a tool that can check
> > > your entire system for any evidence of intrusion and fix it?
> >
> > Well yes... Since there isn't a handier one, I usually do it by
> > restoring a backup from a time when I trusted the machine into a
> > subdirectory of some other machine, then running rsync -avn against the
> > live one to see what has changed.
> >
> > --
> > Les Mikesell
> > lesmikesell at gmail.com
>
> Well if that's the approach you take, I would suggest you use md5deep
> instead and use hashing as a means of verifying files on your system
> with those from a trusted backup.
>
And you would do this using a bootable CD and mount both your current
system and the backup copy read-only.
But this does not help the average home user such as our OP...
> Jacques B.
>
More information about the fedora-list
mailing list