Thank you for the hints. I think I go for the rainy weekend solution.
--- Bret Hughes <[EMAIL PROTECTED]> skrev: > On Wed, 2002-10-23 at 15:37, linux power wrote: > > Ok. Then I think I buy a used PC and use it as a > > router for my windozes and install a minimum > > configuration. > > > > exactly what I did. The real issue now is in my > paranoid mind is that > you do not know what sort of stuff has been > installed/ modified > including the system tools that are normally used to > track down these > sort of problems. Your logging module for ipchains > has been dinked with > that we know of and that is really scary unles > someone comes back and > says hey, that is done by blah blah it is not a > problem. Not likey IMHO. > > Now having said all that, I am assuming that you > will still be using > this box behind the firewall that you are going to > build. I submit that > your old machine can still be used in some sort of > DDOS attack or > scanning since connections to the big bad interent > can be made from > within the trusted network and your firewall will > allow that to happen > of course. > > As was mentioned very early in this discussion, by > others before I put > my 2cents in, you have NO way of knowing what has > changed without some > really serious forensic work and that has bee > hampered by the lack of > intrusion detection software that would of at least > have given you a > baseline if done correctly. > > I know it is a pain in the rear, but remember that > you may be > contributing to the spread of the worm or whatever > it is that made in > onto your system and causing significant damage to > other people's > system. I would not want to be responsible for that > simply because I > was too lazy to go through the hassle of > reinstalling and I Hate > reinstalling. I did theximian evo thing about a > year ago and I have > been unable to make myself take the time to redo the > mess ximian made > because my laptop is my primary computer. > > Do us all a favor, and pick a rainy weekend and > rebuild the hacked box. > > Bret > > > > -- > redhat-list mailing list > unsubscribe > mailto:redhat-list-request@;redhat.com?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list ===== http://home.no.net/~knutove/knut_ove_hauge_kuren.htm ______________________________________________________ Se den nye Yahoo! Mail på http://no.yahoo.com/ Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og Notisbok -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
