[Techtalk] Server was broken into ... what good tools are there to probe vulnerabilities?

Raven, corporate courtesan raven at oneeyedcrow.net
Wed Nov 21 14:19:47 EST 2001

Heya --

Quoth Jeff Dike (Wed, Nov 21, 2001 at 01:55:46PM -0500):
> raven at oneeyedcrow.net said:
> > Then reinstall from original source media and restore your backups of
> > data.
> Backups are suspect if you don't know for how long you've been rooted.

	They can be, yah.  That's why I specified backups of data, and
no binaries.  (Read: nothing executable.  Check all your scripts, too.)
That lessens your risk of having a backdoor on there -- even if they
have one in your data, if it's not +x it can't (to the best of my
knowledge) do anything.

"I'm eating stealth cheese that may or may not be immortal?"
  -- Danielle, on pizza and perpetuity

More information about the Techtalk mailing list