hi Devin..
okay...yes...sorry...didn't mean it that way... but
yes.. we all assume they would apply all known patches
to date ....
and we're also assuming that the backup does NOT have any
binaries that would un-install/overwrite the good/new patched binaries ???
- backups should only contain "user data"...
- or carefully apply your backups to the patched servers...
- or apply the backups than all the patches...
have fun
alvin
> > > No analysis, rebuild system: low risk, moderate labor.
>
> > extreme high rish....100% guraranteed that they will get back in
> > since you did NOT patch the system the first time... doing the
> > same thing is 100% guranteed they will get in again should they
> > return or other kiddies attempt the same exploit in the same manner
>
> Alvin, I was taking it as a given that anyone interested enough to
> give a rip that their server had been compromised would take the
> time to apply the fix for their vulnerability. Otherwise, just keep
> it up the way it is and don't touch it; fixing it will only be a
> temporary measure anyway...
>
> Fix the hole, yes. But recovering the system from a known good
> backup or by scratch re-build gives you a stable platform from which
> to apply the fixes properly.
>
> --
> Devin L. Ganger <[EMAIL PROTECTED]>
> find / -name *base* -exec chown us:us {} \;
> su -c someone 'export UP_US=thebomb'
> for f in great justice ; do sed -e 's/zig//g' < $f ; done
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
