[LUNI] Regenerate all binaries?David Ehle ehle at agni.phys.iit.eduTue Jun 3 13:22:34 CDT 2003
Basicly, yes. I don't have time to rebuild it right now, but I would like to clean out the worst of the crud till I can sort through the stuff I need to keep and rebuild from scratch. I've verified some basic tools like ps, bash, lsof, found the backdoors and disabled them enough that I feel confortable that it will hold for today, but I would like to give it a good scrubbing so I can wait till some other deadline projects are done before rebuilding from scratch. I also want to have something usable while I try to figure out where the issue started (what package or service) so I can warn the author and avoid it in the future. On Tue, 3 Jun 2003, bliss at attbi.com wrote: > Just out of curiosity, what are you trying to do? Are you trying to retain the > existing system without having to rebuild the box? > > A hacked system is a broken system. It should be rebuilt from the ground up. > You do not know what has been changed, compromised, etc. You cannot be certain > that anything like this would restore this system to a pristine condition > without some portion of the hack lingering around. > > Jim > > > > This is sort of a follow up from my last post about being hacked. > > > > I've found various bits and pieces of the rootkits changes. Replaced my > > passwd, some libraries ect. > > > > I was wondering if there is a way to use apt under debian to replace just > > about everything with known good versions from the debian pool? > > > > I DON'T think it has the ability to do a fingerprint check on files and > > update them selectivly, but I would settle for a straight re-installation > > of everything I've got on the fly. > > > > Is there a way to get apt/dselect/dpkg to do this? > > > > Thanks! > > David. > > > > ______________________________________________________________________ > > Linux Users Of Northern Illinois - Technical Discussion > > luni at luni.org > > http://luni.org/mailman/listinfo/luni > ______________________________________________________________________ > Linux Users Of Northern Illinois - Technical Discussion > luni at luni.org > http://luni.org/mailman/listinfo/luni >
More information about the luni mailing list |