some attack to fedora machine .
Les
hlhowell at pacbell.net
Fri Apr 11 15:13:15 UTC 2008
On Fri, 2008-04-11 at 02:06 -0600, Frank Cox wrote:
> On Fri, 11 Apr 2008 08:53:35 +0100
> Alan Cox <alan at lxorguk.ukuu.org.uk> wrote:
>
> > you can usually recover a box pretty trivially.
>
> The problem, though, is that you can never really KNOW that everything is back
> in order. After someone has root and the run of your machine, he can do
> whatever he likes. You say that you found four exploits installed? What if
> there's really five? Or six? Or...
>
> I firmly believe that the only realistic way to deal with an intrusion of that
> nature is a full nuke and re-pave.
>
> --
I'll second that. Having been rootkitted once, I can tell you that it
is no small matter if the attacker is sophisticated, and desires to do
you great harm. I finally had to replace the harddrive. I never did
isolate all the issues, and even formatting didn't seem to put it back
in order. I have no idea why I was targeted, or if it was a storm that
I got into by some blunder on the keyboard, but my system was hosed (of
course it was Windows).
Regards,
Les H
More information about the fedora-list
mailing list