[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] BIND Hack

Subject: Re: [cobalt-users] BIND Hack
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Sun May 21 20:23:40 2000
Organization: nobaloney.net

Steve Ball wrote:

> One of our guys has been playing around with a Raq3 which he has had for a
> while, without the O/S update and it's been hit with the BIND hack, and he's
> having lots of grief with it.  Does anyone know how to restore
> security/ownership to him without restoring from CD?

I was about to say, rather flippantly, "Sure, just install a new hard
drive", but then I realized that you'd still have to use the restore CD
to create the files on the new drive.

There's no sure way to guarantee a hacked box isn't still compromised
except to completely rebuild it.

Well, actually there is...

Delete EVERY file on the box except the ones that came with the box when
new.

Check the checksums on EVERY file on the box with the checksums for the
same file as/when originally installed.

Of course this has the same result as a complete rebuild, and will take
much more time, in the order of say, hundreds of magnitudes.

So I'd go with the rebuild.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205

References:
- [cobalt-users] BIND Hack
  - From: Steve Ball

Prev by Date: Re: [cobalt-users] Users, Aliases and the Virtusertable
Next by Date: Re: [cobalt-users] Majordomo is stubborn: resets to 'closed'
Previous by thread: [cobalt-users] BIND Hack
Next by thread: [cobalt-users] BIND Hack

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index