[clug] mc-root anyone?
Michael Still
mikal at stillhq.com
Thu Jun 18 21:07:04 GMT 2009
Daniel Pittman wrote:
> Michael Still <mikal at stillhq.com> writes:
>> - is there anything else I should do to this machine?
>
> That depends how much paranoia you have. My general experience, these days,
> is that many attackers are quite happy to automatically compromise a system
> and run a robot; they don't bother to go beyond that point.
>
> So, you /could/ be trusting and assume that they are kicked off and you are
> now safe.
>
> Alternately, you could go back to your last pre-compromise backup on the
> assumption that if they have root they also have a rootkit that makes them
> undetectable — or they left the obvious compromise as a dummy to make you feel
> better when you got rid of it, despite being still compromised.
Cool. I don't backup system files, just data... I guess that makes an OS
reinstall the equivalent operation. In four days this machine goes into
a shipping container on the high seas for 65 days. I think its biggest
risk to the internet is something involving a guy with a peg leg at that
point.
I'll keep an eye on it until then, but the whole thing is surprisingly
simple, which is interesting in itself.
Mikal
More information about the linux
mailing list