On Wed, Jul 15, 2009 at 12:34:10AM -0600, Gabriel Gunderson wrote: > On Tue, Jul 14, 2009 at 7:49 PM, Scott Morris<[email protected]> wrote: > > When you have been hacked: > > I don't mean to be a downer, but I've got bad news... The only thing > to do if you've already *been hacked* is re-install and rebuild from > trusted sources. Really, they've out smarted you once, are you going > to give them another chance? > > Well, I guess if you had md5/sha1 sums (that you can trust) of every > file on your system and you're willing to go file-by-file and verify > them when mounted on a trusted system (*not* the one that was hacked), > then, maybe, you could sleep again at night knowing all is well.
Even then, the kernel could be modified to lie about the contents of the files. You really can't trust anything. > I've got good news too... Installing Linux has never been easier and > this will give you a change to test your CAREFULLY written and > THOROUGHLY tested recovery plan. I highly recommend having your own kickstart script and/or postinstall script. There should be a little script that installs all of the packages that you need and checks out config files from a Git repository. This makes it really easy to recover from problems, whether they come from hacking, hardware failure, or mistakes. -- Andrew McNabb http://www.mcnabbs.org/andrew/ PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868 /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
