Absolutely. Once a system has been exploited in such a manner, it is completely untrustable. It should most definitely be wiped.
The IT ppl in SDC (and many other places) need to all be lined up and smacked Three Stooges style. On 8/19/05, Donald J. Ankney <[EMAIL PROTECTED]> wrote: > > Any IT department that simply removes a worm and shoves a box back > into production has serious issues. > > After a machine has been compromised, it should be wiped and rebuilt. -- ME2 <http://www.santeriasys.net/> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/