Schmehl, Paul L wrote: <snip>
This advice is common, and it's always mystified me. Why would you want backups of the "data"? If the box is compromised, you can't trust *anything* on it, can you? How can you know for certain that "data" isn't a cleverly concealed backdoor?
Hmmm. Well, if the execute bit isn't set, then I'd assume it can be considered relatively safe. If the attacker can later find a way to chmod it and then execute it with the privliges needed to make it harmful, then I imagine that they could find other ways of compromising your machine as well.
For Windows, if it's a backdoor that is named something.txt, well, again, the attacker would have to find a way to rename that file and execute it with appropriate permissions. Again, I imagine that if they can do that, that they could find other ways of compromising your machine as well.
<snip>
Brian -- Brian Eckman Security Analyst OIT Security and Assurance University of Minnesota
"There are 10 types of people in this world. Those who understand binary and those who don't."
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html