Re: OK, I've been hacked, now what?

["Bluefish [@ home]" <11a () gmx net>]

> I strongly suspect that the truth lies somewhere between these extremes, and is
> HIGHLY context-dependent.  The cost of recovering a very simple sit is low (back
> up from tape) while the cost of recovering a site that stores any kind of secrets
> will be very high.

Suppose so. In contrary to the case outlined here, I am aware of an much
different case where the problems begin with the fact that the original
admin dumps the job because of the bad pay and gets a new job, and the new
staff is utterly unqualified to perform his job (eventually, it turns out
that they needed *four* men to replace the original admin)

Various security problems emerge, and while no one cares about it,
eventually wide spread abuse becomes present. In some cases, the admins
are notified but nothing is done. The admins themselves are probably the
greatest danger, using admin accounts for everything even on untrusted
workstations.

Eventually, the cost becomes something close to 50000 SEK (about 5000
punds). I found the cost interresting as I had been one of those who had
discussed the problems with a person within the organisation. Turns out,
the bigger part of the cost is a brand new server - which is needed as the
server were believed to both have damaged hardware and being to slow for
the tasks needed. However, how much I think about it I cannot see any
logic in how faster processors, new network cards and greater harddisks
improves the security.

This cost was for a site with ONE singel server.