some attack to fedora machine .

max bianco maximilianbianco at gmail.com
Fri Apr 11 15:38:20 UTC 2008


On Fri, Apr 11, 2008 at 11:13 AM, Les <hlhowell at pacbell.net> wrote:
> On Fri, 2008-04-11 at 02:06 -0600, Frank Cox wrote:
>  > On Fri, 11 Apr 2008 08:53:35 +0100
>  > Alan Cox <alan at lxorguk.ukuu.org.uk> wrote:
>  >
>  > > you can usually recover a box pretty trivially.
>  >
>  > The problem, though, is that you can never really KNOW that everything is back
>  > in order.  After someone has root and the run of your machine, he can do
>  > whatever he likes.  You say that you found four exploits installed?  What if
>  > there's really five?  Or six? Or...
>  >
>  > I firmly believe that the only realistic way to deal with an intrusion of that
>  > nature is a full nuke and re-pave.
>  >
>  > --
>  I'll second that.  Having been rootkitted once, I can tell you that it
>  is no small matter if the attacker is sophisticated, and desires to do
>  you great harm.  I finally had to replace the harddrive.  I never did
>  isolate all the issues, and even formatting didn't seem to put it back
>  in order.  I have no idea why I was targeted, or if it was a storm that
>  I got into by some blunder on the keyboard, but my system was hosed (of
>  course it was Windows).
>
>  Regards,
>  Les H
>
One of the best and most quoted lines I have heard is (paraphrased) "
look dude the worm aint smart enough to know your network is
uninteresting, it just does its thing". The other thing alot of people
don't seem to realize is that you call it a "virus" but its just a
program like any other. I find that a great many people (i'm not
necessarily refering to people who subscribe to this list) think
viruses are different or special somehow, they are programs just like
any other except they aren't trying to make "your" life easier.

Max




More information about the fedora-list mailing list