The only way to recover from a hack is to do a total system reinstall. If you were smart you would have backed up important data and will be able to restore from a volume dated before the attack. The reason for the reinstall is to make absolutely certain that the attacker didn't leave any other Trojan programs behind. Typically the reason someone will gain access to a server is to plant programs there for later use on another attack in order to make it harder to trace. In any event, a reinstall is the only way to give you total piece of mind. Anything less and you are only opening yourself up to more problems down the road. Brandon Wheaton UNIX Systems Engineer ValiCert, Inc. 1215 Terra Bella Ave. Mountain View, CA 94043 650.567.5430 ---- Computers are useless; they can only provide answers. ~Pablo Picasso -----Original Message----- From: Steve Ball [mailto:Steve@xxxxxxxxxxxxxxx] Sent: Sunday, May 21, 2000 11:01 AM To: Cobalt-Users@List. Cobalt. Com Subject: [cobalt-users] BIND Hack Hi Guys, Just subscribed to the list and have a question already. One of our guys has been playing around with a Raq3 which he has had for a while, without the O/S update and it's been hit with the BIND hack, and he's having lots of grief with it. Does anyone know how to restore security/ownership to him without restoring from CD? I apologise if this question has been asked before but as I said, I am new to the list. Regards, Steve _______________________________________________ cobalt-users mailing list cobalt-users@xxxxxxxxxxxxxxx To Subscribe or Unsubscribe, please go to: http://list.cobalt.com/mailman/listinfo/cobalt-users
Attachment:
smime.p7s
Description: S/MIME cryptographic signature