Mailing List Archive

Re: [tlug] Have I been hacked?



>>>>> "Jim" == Jim Breen <jwb@example.com> writes:

    Jim> I am thinking of making a tgz of /home (while off-line),
    Jim> copying it away elsewhere (I think I have enough space in the
    Jim> Windblows partition), then doing a repartition and fresh
    Jim> install. Presumably that would be pretty safe.

Once you get off line, scan /home for

1) directory names starting with a .
2) filenames containing control characters and the like
3) executables whose purpose you don't know

Do this with executables from a floppy, preferably by booting from an
external fs like floppy or CD-ROM.  Yes, there are rootkits that
replace ls et al.  (Consider the fakeroot package that is used to
allow you to write a .deb or .rpm as though you were root, i.e.,
changing groups and stuff like that.)

-- 
Institute of Policy and Planning Sciences     http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
              Don't ask how you can "do" free software business;
              ask what your business can "do for" free software.
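
The three checks listed in the message, as an added example that is not part of the original post. It assumes Python 3 run from trusted rescue media with the suspect /home mounted; the function names, the category labels, and the reading of "and the like" as leading or trailing whitespace are assumptions.

```python
import os
import stat
import sys


def scan_tree(root):
    """Walk root and return (category, path) findings for manual review.

    Paths are handled as bytes so names with control characters or
    undecodable bytes are reported exactly as stored on disk.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(os.fsencode(root)):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue
            # 1) directory names starting with a dot
            if stat.S_ISDIR(st.st_mode) and name.startswith(b"."):
                findings.append(("dot-dir", path))
            # 2) control characters, or (assumption) names padded with
            #    whitespace such as ".. " that imitate ordinary entries
            if any(b < 0x20 or b == 0x7F for b in name) or name != name.strip():
                findings.append(("odd-name", path))
            # 3) regular files with any execute bit set
            if stat.S_ISREG(st.st_mode) and st.st_mode & 0o111:
                findings.append(("executable", path))
    return findings


def main(argv):
    root = argv[1] if len(argv) > 1 else "/home"
    for category, path in sorted(scan_tree(root)):
        # repr() keeps control characters visible and off the terminal
        print(f"{category:10} {path!r}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Most dot-directories in a home directory are ordinary configuration, so the output is a list to review by hand, not a verdict.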
