-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being
that if a worm is able to install on the server using root privileges,
there's no way to know just what else has been installed by it without
performing some form of forensic work on the installation
Why would you assume that a worm got root privileges? In the cases I've
Because David wrote, in the email you quoted:
]> The commands were executed by a root shell and was used to download the
]> loader script,
I was thinking, at first glance, the same, that root was compromised. But
you are right, it's not always the case. Rather, it should never be the
case.
- --
Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQFHlhhNtTMYHG2NR9URAnZNAJ9Zvkt/ZyhEeQG22LgbVqAF2LuoJACfcoEz
fHd7970olNCD1/rteJlBgWE=
=u0sc
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
