Security Basics mailing list archives
Re: RE: Network Compromised
From: pg.vlad () gmail com
Date: Sat, 2 Aug 2008 01:47:49 -0600
I agree with Murda, by wiping out your home install you may well have lost valuable forensic evidence. If they did get in your home system first then into work, then an audit would let you know of any changes to the server. You could lock it back down in a few hours considering that no major services were root kitted, but then the question remains do you continue to use the server? In the back of my mind I would have to wonder what timebomb was left on that system. The good thing is that one compromise led to the other, not sure the order, I'd have to say home was done, then work. It's far easier to get into a home system than an enterprise system.
Current thread:
- Re: RE: Network Compromised pg . vlad (Aug 03)
- Re: RE: Network Compromised Jakub (Aug 05)