
Michael Schwendt wrote:
| On Tue, 17 Dec 2002 22:28:40 -0600, Chad Skinner wrote:
|>>Don't they teach in the RHCE class that a reinstall is "not
|>>allowed" (or not an answer to an exam question)? :-)
|>I don't know about the RHCE, but I personally don't know the MD5sums
|>or filesizes for every binary on my system. Seems common knowledge, or
|>at least a common answer on the list, that rebuilding a compromised
|>box is the safest method to ensure that all replaced binaries are
| In my point of view, re-installation is only recommended to those
| users who give the impression that they would fail to repair their
| system completely. For instance, because they had no errata releases
| installed at all, or because they were accessing their box via
| remote telnet, or because they were always using the "root" user, or
| because they were still running the compromised machine when posting
| to this list.

Very good and valid points. I suppose I was coming from the POV that
"reinstall" shouldn't be a global answer from an experienced admin *to*
another experienced admin. However for the newbie "root loving,
errata/up2date ignorant, telnet using, chmod -R 777 /" type admin, it's
probably a good answer. Especially if they're using a stock Red Hat
6.2/7.0 install. <shudder>

We *cannot* stress enough, however, that once the install is completed,
you apply *all* errata ASAP before bringing your system online for
production. I save myself the step by keeping my errata in my install
tree. The moment it's released, it's copied to my install tree, (as well
as rebuilt for i686) and I rerun genhdlist for the directory. That way
the next nfs/http/ftp install I do is all up to snuff. YMMV tho.

-Rick
--
Rick Johnson, RHCE - [EMAIL PROTECTED] (from home)
Linux/WAN Administrator - Medata, Inc.
PGP Key: https://mail.medata.com/pgp/rjohnson.asc
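
The install-tree update described in the message above, as an added example that is not part of the original post: errata packages replace the superseded builds in the tree and the hdlist is regenerated. The function names, the `RedHat/RPMS` layout, the default genhdlist path and the assumption that the errata directory holds only the current build of each package are all assumptions of this sketch; the i686 rebuild step is not covered.

```shell
#!/bin/sh
# Added example: fold errata RPMs into a network install tree.
# Assumptions: packages live in $tree/RedHat/RPMS; genhdlist path below.
GENHDLIST=${GENHDLIST:-/usr/lib/anaconda-runtime/genhdlist}

# Print the package name for a file named name-version-release.arch.rpm.
rpm_name() {
    n=${1##*/}; n=${n%.rpm}   # drop directory and .rpm
    n=${n%.*}                 # drop .arch
    n=${n%-*}; n=${n%-*}      # drop -release, then -version
    printf '%s\n' "$n"
}

# Print the architecture field of the same file name.
rpm_arch() {
    a=${1##*/}; a=${a%.rpm}
    printf '%s\n' "${a##*.}"
}

# merge_errata TREE ERRATA_DIR: replace superseded packages, rebuild hdlist.
merge_errata() {
    tree=$1; errata=$2; rpms=$tree/RedHat/RPMS
    [ -d "$rpms" ] || { echo "no RedHat/RPMS under $tree" >&2; return 1; }
    for new in "$errata"/*.rpm; do
        [ -f "$new" ] || continue
        name=$(rpm_name "$new"); arch=$(rpm_arch "$new")
        # The glob also matches foo-devel when name=foo, so re-derive each
        # candidate's name and remove only exact name matches.
        for old in "$rpms/$name"-*."$arch".rpm; do
            [ -f "$old" ] || continue
            if [ "$(rpm_name "$old")" = "$name" ]; then rm -f "$old"; fi
        done
        cp -p "$new" "$rpms/" || return 1
    done
    # A stale hdlist means the installer never sees the patched packages.
    if [ -x "$GENHDLIST" ]; then
        "$GENHDLIST" "$tree"
    else
        echo "genhdlist not found at $GENHDLIST; hdlist NOT rebuilt" >&2
        return 2
    fi
}
```

A non-zero return means the tree must not be used for installs until the hdlist has been rebuilt.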