Re: [LUNI] cracked

From: Lance Spitzner (lance@spitzner.net)
Date: Thu Mar 01 2001 - 17:59:00 CST

Next message: Dan Yocum: "[LUNI] Searching LUNI archives"

Previous message: Simon L. Epsteyn: "Re: [LUNI] how do I get off this list?"
In reply to: sten@narnia.net: "[LUNI] cracked"
Next in thread: Vitaly McLain: "Re: [LUNI] cracked"
Reply: Vitaly McLain: "Re: [LUNI] cracked"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 1 Mar 2001 sten@narnia.net wrote:

> I got borken into. Anyone know how to get rid of a directory called,
> for instance,
>
> " ~~~~" or, better yet,
> " ^] "
> I know inodes are involved, but there's a hole in my head right after
> that.

If you have been broken into, you cannot trust the system. The attacker
may have gone so far as to modify your kernel. For the truly paranoid,
I recommend the following.

1. Wipe Drive
-------------
dd bs=1000 < /dev/zero > /dev/hda

2. Reinstall
-------------
Insert Installation CDROM of choice, reboot, reinstall

lance

-=-
Linux Users Of Northern Illinois: General Discussion Mailing list.
For unsubscription, archives, and announcements only see http://luni.org

Next message: Dan Yocum: "[LUNI] Searching LUNI archives"
Previous message: Simon L. Epsteyn: "Re: [LUNI] how do I get off this list?"
In reply to: sten@narnia.net: "[LUNI] cracked"
Next in thread: Vitaly McLain: "Re: [LUNI] cracked"
Reply: Vitaly McLain: "Re: [LUNI] cracked"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Mar 01 2001 - 18:01:02 CST