System cracked, a story
miah
jjohnson at sunrise-linux.com
Mon May 26 09:21:47 EDT 2003
ugh, tripwire *laugh*
You should all really look at samhain
http://la-samhna.de/
-miah
On Sun, May 25, 2003 at 11:37:24PM -0400, Bill Horne wrote:
> On Sun, May 25, 2003 at 08:33:03PM -0400, Doug Sweetser wrote:
> [snip]
> > Last Sunday, someone with a root kit was able to replace my
> > /etc/passwd file.
>
> [snip]
> > The intruder wasted my time, but no data was lost. If people have
> > other ideas about stopping root kits, I'd like to know.
>
> [snip]
>
> I suggest a wipe of the HD, and a reinstall of the OS from known good media.
> Once it's running the way you want, but BEFORE it's connected to the net,
> install Tripwire.
>
> HTH.
>
> Bill Horne
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss
More information about the Discuss
mailing list