rootkit?

Gene Heskett gene.heskett at verizon.net
Sun Dec 11 14:42:13 UTC 2005


On Sunday 11 December 2005 01:16, Scot L. Harris wrote:
>On Sun, 2005-12-11 at 00:59, Kam Leo wrote:
>> Isn't rebuilding a little extreme?  If the cracker got into an
>> unpriviledged user's account and no further isn't that particular
>> user account the only thing at risk?  Shouldn't changing all
>> passwords to strong ones and deleting the infected user account and
>> files be sufficient?
>
>How can you be sure they did not crack the root account and bury code
> on the system to maintain control?  Or crack other user accounts?
>
>If you take half measures and the system is compromised again you may
>not know how or when it happened.  And if the cracker gets pissed
> that you deleted his spam software he might use your system for
> other purposes or cause other damage before you can get it cleaned
> out.
>
>Hopefully his son learned from this why strong passwords are needed.

Yeah, when I heard what his sons pw was, it blew me away.  Beyond dumb 
even.  I had given Jim a set of FC4.2 cd's a couple of weeks ago, so 
this really does sound like a good excuse to blow FC3 away and install 
FC4.2 from scratch.  Its a dual boot box cause linux support for audio 
studio editing still sucks & he is also a musician/author.  The 
windows apps for that Just Work(TM).

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should use this
address: <gene.heskett at verizononline.net> which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.




More information about the fedora-list mailing list