On Wed, 18 Sep 2013 09:47:27 +0200 Paul Wise <p...@debian.org> wrote:
> On Wed, Sep 18, 2013 at 9:36 AM, Török Edwin wrote: > > > Why not just reinstall from a trusted source, then > > restore /etc, /home and /var from backups and audit the changes > > introduced by that only? > > That is a slightly short-sighted way to do it; if you restore from > scratch without doing any forensics you won't know which methods your > attackers used and how you can defend yourself from them after you > have restored the system from scratch. Perhaps they will attack you > again soon afterwards. > And say there are no traces how they did it. Then what are your options? -- Marko Ranđelović, B.Sc. Software Developer Niš, Serbia marko...@eunet.rs http://mr.flossdaily.org Note: If you see a nonsense enclosed between lines BEGIN PGP SIGNATURE END PGP SIGNATURE then this message is digitally signed using OpenPGP compliant software. You need an appropriate plugin for your email client or other OpenPGP compliant software in order to verify the signature. However, the concept of computer insecurity implies digital signature is not absolute proof of identity. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130922181858.78922...@eunet.rs
