[techtalk] bizarre....

[Cynthia Dale]

The same idea works with CD-ROMs, so you can use RPM binaries from a
CD-ROM.

A tool I like to play around with is Trinux, which is actually a very
small Linux OS.  (www.trinux.org)

It's basically a kernel and a few tools like netstat and stuff, but the
lovely thing about it is that you can add whatever you like to it.  The
bus on my daughter's machine was fried, and for a while we just used 3
Trinux disks as her OS.  (:  But anyhow, you don't have to boot your
system to go in and take a look at it, so anything that might be scheduled
to run, or any kind of trojanned binary on the system won't be able to do
damage, as the system won't be live, and you'll only run the binaries
which come with triinux (or which you get from a trusted place such as a
CD) to check out the system with.

Cindy

Cynthia J. Dale
Technical Engineer/FAQ maintainer
Red Hat, Inc.

fnord.


On Mon, 13 Dec 1999, Conrad Golightly wrote:

> Date: Mon, 13 Dec 1999 19:52:04 -0600
> From: Conrad Golightly <acow at home.com>
> Reply-To: techtalk at linuxchix.org
> To: techtalk at linuxchix.org
> Subject: Re: [techtalk] bizarre....
> 
> Seagate Eagle hard drives have a jumper that makes them read-only; keep RPM
> and the MD5 checksums of your system stuff or anything else that you could
> use to investigate a break-in on one of those puppies. You simply CAN'T
> modify anything when its physically write protected. =)
> 
> 
> > Yup.  The intruder could have done any number of things, which is why I
> > suggested reinstalling.  The other stuff I suggested was just to try to
> > find out how it was done, so it could be prevented in the future.  Nothing
> > worse than getting hacked and not knowing how...
> 
> 
> 
> ************
> techtalk at linuxchix.org   http://www.linuxchix.org
> 


************
techtalk at linuxchix.org   http://www.linuxchix.org