[Gllug] r00ted?

[Tethys]

Darren Beale writes:

>So, reading up, all sensible solutions seem to be bring the machine up 
>in single user mode, disconnected from the network and re-image it, but 
>this is not feasible, the machine has to be up now.

No, it doesn't. Put it this way, what's the cost to your business of
running without that box for a couple of hours while you rebuild it?
What's the cost to your business of running with a compromised machine
on your network, with a cracker posting your company's trade secrets
on the net, sniffing all your passwords, leaving backdoors in machines
other than just the initally compromised one?

Worth taking the machine down for a couple of hours? Thought so...

Tet

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug