* emmanuel segura <emi2f...@gmail.com> [2014-01-22 15:06 +0100]: > if you think you are been hacked, you can use ps, lsof and others commands > from other not hacked server, for example scp goodserver:/bin/ps /tmp/ps > and use /tmp/ps, this isn't secure, because maybe the attacker installed > one rootkit
If you have used the password for goodserver, then the attacker may now have this as well. Or the passphrase to your key. If you do not need any of these, the goodserver might not be that good. Nicolas -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140123081654.ga69...@mid.pc5.i.0x5.de