-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, 2008-11-04 at 11:01 +0100, Joop Beris wrote:
On Tuesday 04 November 2008 10:44:51 am Carlos E. R. wrote:
On Tuesday, 2008-11-04 at 08:31 +0100, Joop Beris wrote:
The only way to be sure that no executables have been altered, would be to verify the checksum of each executable against the checksum of that file at system installation. You'd need a read-only medium with that checksum
Or against another system installed in the same way, with the same updates.
Okay, granted...but I sincerely hope they don't have more similarly unpatched systems hanging around on their network. If so, the attacker could have penetrated further into the network, not just in this one system (provided the network was set up in such a way to allow that to happen, of course).
Ah, I didn't express myself quite well. I meant installing another system, now, off-network, and compare.
A 9, unpatched... must have many holes. Could even be a script kiddie. Now they'll learn to update.
True, but often people shout "OMG, I've been hacked", while there is something completely different going on with their system, which is causing it to behave unexpectedly. Without knowing what symptoms the system is showing, it's impossible to tell.
Of course. I tend to think the worst, usually, but better make sure.
A script kiddie is most likely...since a real hacker would be a lot better at covering his/her tracks.
A spambot, perhaps... converted this machine into a slave for their things. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkkQKXwACgkQtTMYHG2NR9VMgQCfaxlhbfl+w4L1A5KoKSVm1Rmr BmMAnjWTJIDMS/1tDWmf08stL/sTKEiB =X8sc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org