[rescue] small help please.
lists at elbonia.org
Wed Apr 21 18:52:04 CDT 2004
Jonathan C. Patschke wrote:
> On Wed, 21 Apr 2004, Gary Nichols wrote:
>>Uh, you're still using that machine has a production machine? Dude - take
>>that machine offline NOW, do a backup, reinstall and restore good data.
> It must be something in the air. $client just had his box r00ted and
> wouldn't hear of an OS reload.
> Bitch as I might about RedHat, it sure it nice to be able to do rpm -Va
> and see what got clobbered. Also, it helps that $weenie left his
> rootkit (including its install script) lying around.
> Still, I'd NOT NOT NOT NOT NOT recommend keeping a rooted box in
> production without erasing its discs and reloading the OS.
>>Use best practices. Trying to save a r00ted machine is like trying to
>>make love to sigourney weaver after she has that alien baby growing in her
>>womb. Tempting, but deadly.
> Lucky for me I'm doing it with a borrowed tool, then, eh? :)
I am in the process of getting an other machine setup from scratch
so thats in the cards. I will never try to run a box thats been rooted
as a production server. Seems to be a lot of them flying around my
root kit was of the servgg variety EGGDROP IRC BOT type.
easy to kill.
wonder how i got it ?
More information about the rescue