On Fri, May 25, 2001 at 02:13:14PM -0700, Eric Robinson wrote:
> In an ideal world, I suppose we would have time to conduct an "exhaustive
> forensic analysis" of each of the 9000+ effected systems.
Nope. That's where the risk analysis comes in.
"How much risk will I be at, versus the amount of labor invested?"
Full analysis + actions indicated: low risk, extremely high labor.
No analysis, rebuild system: low risk, moderate labor.
Light analysis, plug holes: unknown risk, low labor.
> We plugged the hole and moved on. Twenty days later, still no apparent
> problem or strange activity on the server. No exhaustive analysis performed.
> No hard drive reformatted. No time wasted.
This time. Until the black hats get smarter than your instinct.
--
Devin L. Ganger <[EMAIL PROTECTED]>
find / -name *base* -exec chown us:us {} \;
su -c someone 'export UP_US=thebomb'
for f in great justice ; do sed -e 's/zig//g' < $f ; done
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
