[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] hacking

Subject: Re: [cobalt-users] hacking
From: "Brian Curtis" <admin@xxxxxxxxxxx>
Date: Mon May 8 15:00:23 2000
Organization: Pomfret Computer Technologies

----- Original Message -----
From: "Stephen Mc Carron" <newlyons@xxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Monday, May 08, 2000 4:59 PM
Subject: RE: [cobalt-users] hacking

> I really don't want to have to restore the raq and backups but is it the
> only way? How does someone get into a raq like this? Is there anything I
can
> do to prevent/reduce the risk of further attacks???

By the way...

You really should take this box offline and do a full restore from known
good backups.  Once a box has been exploited, it's almost impossible to
detect every little file modification that has been made to the system.
This means that some of your programs may have been replaced by evil little
gremlin programs which do something entirely different than what you'd
expect (and sometimes without you even knowing it).

If you have the time, you could compare every file on the system to a clean
Raq, but you're in for a few very long nights if you go that route.

BC

References:
- RE: [cobalt-users] hacking
  - From: Stephen Mc Carron

Prev by Date: Re: [cobalt-users] hacking
Next by Date: Re: [cobalt-users] E-mail questions
Previous by thread: Re: [cobalt-users] hacking
Next by thread: RE: [cobalt-users] hacking

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index