I agree with Ron. Also, I agree with all points presented. If you're ultra paranoid, run your individual processes in containers or chroot them as well. Do the whole OpenBSD thing.
On 2014-01-29, at 5:41 PM, Ron <[email protected]> wrote: > On 2014-01-29 17:37, Kevin wrote: >> It is >> a horrible and time consuming mess to deal with, usually resulting in >> the rebuild of that server... > > Usually rebuilding the server!? As long as "retiring" is the only other > option, I can live with that. But ever trusting a server again after an > attacker had root access is a dangerous situation. :) > > Ron > _______________________________________________ > SkullSpace Discuss Mailing List > Help: http://www.skullspace.ca/wiki/index.php/Mailing_List#Discuss > Archive: https://groups.google.com/group/skullspace-discuss-archive/ _______________________________________________ SkullSpace Discuss Mailing List Help: http://www.skullspace.ca/wiki/index.php/Mailing_List#Discuss Archive: https://groups.google.com/group/skullspace-discuss-archive/
