Bugtraq mailing list archives

Re: No Security is Bad Security:


From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Thu, 4 Feb 1999 13:53:28 -0500


>> 1) Don't log in as root on a machine that most likely has been
>> compromised. Bad things can happen.
> You have to login as root to shutdown the system.  You don't want to
> 'just turn it off' since you can loose [sic] data.

How?  What does just turning it off potentially lose me?  At most, I
think, it risks a little filesystem damage.  Unfortunately shutting
down risks more, especially since if there are files open but unlinked,
I want to know what's in them!  If I take the disk offline - or,
equivalently, just power the system off - then I can use fsck -n or
iorphan to find such files and dumpi to look at them.  If I shut down
"cleanly", they will get destroyed.

Preferable to either, from an information preservation perspective, is
to forcibly crash the system, so as to get a kernel coredump.  This may
or may not be worth the effort, depending on such things as whether
anyone is available with the skill, time, and inclination to grovel
through it looking for evidence.

                                        der Mouse

                               mouse () rodents montreal qc ca
                     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
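
A live-system illustration of the open-but-unlinked files discussed above, as an added example that is not part of the original post. It assumes Linux's /proc/<pid>/fd interface (the post itself describes the offline route with fsck -n, iorphan and dumpi), and the function names are hypothetical.

```python
import os
import stat
import tempfile

def unlinked_open_files(pid="self"):
    """Return [(fd, link_target, size)] for regular files that process `pid`
    holds open but that have no directory entry left (st_nlink == 0)."""
    fd_dir = f"/proc/{pid}/fd"            # assumption: Linux procfs is mounted
    found = []
    for name in sorted(os.listdir(fd_dir), key=int):
        path = os.path.join(fd_dir, name)
        try:
            st = os.stat(path)            # follows the link to the live inode
            target = os.readlink(path)
        except OSError:
            continue                      # fd closed mid-scan, or no permission
        if stat.S_ISREG(st.st_mode) and st.st_nlink == 0:
            found.append((int(name), target, st.st_size))
    return found

def copy_out(pid, fd, dest):
    """Preserve the contents of an unlinked-but-open file by copying it to dest."""
    with open(f"/proc/{pid}/fd/{fd}", "rb") as src, open(dest, "wb") as out:
        while chunk := src.read(1 << 16):
            out.write(chunk)
    return os.path.getsize(dest)

def demo():
    # Constructed sample: a file that is written, kept open, then unlinked.
    fd, path = tempfile.mkstemp()
    os.write(fd, b"constructed sample: staging data\n")
    os.unlink(path)                       # name is gone, inode lives while fd is open
    hits = [h for h in unlinked_open_files() if h[0] == fd]
    dest = path + ".recovered"
    copy_out("self", fd, dest)
    with open(dest, "rb") as f:
        data = f.read()
    os.close(fd)                          # last reference dropped: blocks are freed
    os.remove(dest)
    return hits, data

if __name__ == "__main__":
    print(demo())
```

Once the last descriptor is closed, as a clean shutdown does for every process, the inode is released and this route no longer works.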


