On Fri, Jan 11, 2002 at 05:07:02AM +0100, martin f krafft wrote: > you've been hacked -> backup -> re-mkfs -> reinstall -> re-config from > backup very carefully (i.e. file by file) -> restore user data -> do > some post-mortem with backup -> ensure security -> reopen server to > public and users -> more post-mortem -> take more security measures. > > standard procedure. >
agreed. full disk format and reinstall from backup is the only secure option. unless you are running something like tripwire there is no way to tell what the intruder did, and even then ... g
pgpZ9mmt7A542.pgp
Description: PGP signature
