Security Basics mailing list archives

ridiculous situation

From: harley mcdonald <harleyqmcdonald () yahoo com>
Date: Wed, 27 Nov 2002 12:06:12 -0800 (PST)

hi,

this is kinda broad...say you've inherited 5 ( R.H.
linux ) machines.   all of which have been on for a
year, not firewalled and not backed up.

management has a "ain't broke don't fix" mentality.  i
guess, what would you do?   how would you be sure
there are no trojans, bots etc...chkrootkit and so on,
i suppose, but how reliable will the results be?   how
can i be sure there isn't a key-logger in the kernel.

you can't simply firewall them off and leave them for
dead.   legal action can be taken against the company
in the event of a break-in and subsequent attacks on
other companies.

and on and on. 

any ideas?

h
..

__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - Let the expert host your site
http://webhosting.yahoo.com

Current thread:

ridiculous situation harley mcdonald (Nov 28)
- Re: ridiculous situation bda (Nov 28)
  - Re(2): ridiculous situation Christian Friedl (Nov 29)
- Re: ridiculous situation Glenn Valenta (Nov 29)
- <Possible follow-ups>
- re: ridiculous situation H C (Nov 29)