On Thu, 26 Jan 2012, Brandon Allbery wrote:
On Thu, Jan 26, 2012 at 08:37, Lynda <shr...@deaddrop.org> wrote:
On 1/26/2012 2:29 AM, Dan Foster wrote:
Hot Diggety! Tom Perrine was rumored to have written:
On Tue, Jan 24, 2012 at 12:08 PM, Dan Schlitt<d...@2600c.com> wrote:
Thanks for all the suggestions. Reinstalling didn't seem to change
anything. To take care of the file I just pointed it to /devnull.
If you haven't done the full system re-install, you really need to go
that route.
Tom speaks the absolute truth. From what you've described so
far, you've been compromised badly.
I can't believe this discussion is still going on. Let me add yet another
voice here. It's pre-caffeinated, so I'm trying to be on my good behavior.
It may be pre-caffeinated, but it's dead on target. That machine is not
trustworthy, period.
To the OP:
Duplicate the hard drives if you want to perform forensics, then nuke and
pave. Ideally, restore only from trusted media, not from anything that was
actually on the compromised system. DO NOT TRUST ANYTHING ON THE
COMPROMISED SYSTEM.
Also keep in mind, it's not only this system and its data that are the
issue. If the attacker has control of this machine they can use it to
attack others (both within your network and outside of it).
David Lang
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/