On Mon, Apr 16, 2007 at 10:45:24AM -0400, Daniel B. wrote: > Andrew M.A. Cater wrote: > >On Sun, Apr 08, 2007 at 03:44:33PM -0700, Kamaraju Kusumanchi wrote: > ... > >>My system (Debian Etch) has been recently compromised and I deleted most > >>of the suspicious files. However I am not sure about these. Is it safe to > >>delete them or do you think some process expects them to be there? > ... > >Use Darik's Boot and Nuke to wipe the disk as thoroughly as you can. > >Then re-install with Etch and clean media. > > Why would you need to erase the disk like that? > > (As long as you re-create the systems on the partitions, there's no > way the unerased sectors from previous files (from the compromise, > before the file-system re-creation) will be strung together to re-create > the bad files, right?)
Why risk it? Personally, I'd boot with grml and use wipe on the whole device. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
