On Tue, 22 Jan 2008, James Knott wrote:-
>David Bolt wrote:
>> I'd apply the same logic to a Linux server as well. The reason being
>> that if a worm is able to install on the server using root privileges,
>> there's no way to know just what else has been installed by it without
>> performing some form of forensic work on the installation, and has to be
>> done using tools from outside the.
>
>Why would a server be running root privileges?
It wouldn't, but have you ever heard of local root exploits?
Regards,
David Bolt
--
Team Acorn: http://www.distributed.net/ OGR-P2 @ ~100Mnodes RC5-72 @ ~15Mkeys
SUSE 10.1 32bit | openSUSE 10.2 32bit | openSUSE 10.3 32bit | openSUSE 11.0a0
SUSE 10.1 64bit | openSUSE 10.2 64bit | openSUSE 10.3 64bit
RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC |RISC OS 3.11
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
