[Techtalk] Server was broken into ... what good tools are there to probe vulnerabilities?
Raven, corporate courtesan
raven at oneeyedcrow.net
Wed Nov 21 14:19:47 EST 2001
Quoth Jeff Dike (Wed, Nov 21, 2001 at 01:55:46PM -0500):
> raven at oneeyedcrow.net said:
> > Then reinstall from original source media and restore your backups of
> > data.
> Backups are suspect if you don't know for how long you've been rooted.
They can be, yah. That's why I specified backups of data, and
no binaries. (Read: nothing executable. Check all your scripts, too.)
That lessens your risk of having a backdoor on there -- even if they
have one in your data, if it's not +x it can't (to the best of my
knowledge) do anything.
"I'm eating stealth cheese that may or may not be immortal?"
-- Danielle, on pizza and perpetuity
More information about the Techtalk