Full Disclosure mailing list archives
Re: Removing ShKit Root Kit
From: "Paul J. Morris" <mole () morris net>
Date: Mon, 22 Dec 2003 15:49:37 -0500
On Mon, 22 Dec 2003 13:52:57 -0600 "Schmehl, Paul L" <pauls () utdallas edu> wrote:
This advice is common, and it's always mystified me. Why would you want backups of the "data"?
Because you may not hold a master copy of the data elsewhere or have made a backup copy yet. There may be data on the compromised machine that have entered it from the internet such that you only obtain alternate copies of when you make a backup of the data on that machine. The current subscriber base for an email listserver (where new subscribe and unsubscribe requests may have arrived since the last backup) comes to mind. -Paul ------------- Paul J. Morris Biodiversity Information Manager, The Academy of Natural Sciences 1900 Ben Franklin Parkway, Philadelphia PA, 19103, USA mole () morris net 1-215-299-1161 AA3SD PGP public key available
Attachment:
_bin
Description:
Current thread:
- Re: Removing ShKit Root Kit, (continued)
- Re: Removing ShKit Root Kit Brian Eckman (Dec 22)
- Re: Removing ShKit Root Kit Gino Thomas (Dec 22)
- Message not available
- Re: Removing ShKit Root Kit Gino Thomas (Dec 22)
- Re: Removing ShKit Root Kit Brian Eckman (Dec 22)
- Re: Removing ShKit Root Kit Nathan Bates (Dec 22)
- Re: Removing ShKit Root Kit Brian Eckman (Dec 22)
- Re: Removing ShKit Root Kit Nathan Bates (Dec 23)
- Re: Removing ShKit Root Kit Larry W. Cashdollar (Dec 22)
- Re: Removing ShKit Root Kit Brian Eckman (Dec 22)
- Re: Removing ShKit Root Kit Gregory A. Gilliss (Dec 22)
- Re: Removing ShKit Root Kit Ron DuFresne (Dec 22)
- Re: Removing ShKit Root Kit Jason (Dec 22)
- Re: Removing ShKit Root Kit Cael Abal (Dec 23)
- Re: Removing ShKit Root Kit Brian Eckman (Dec 23)
- Re: Removing ShKit Root Kit Gregory A. Gilliss (Dec 23)
- Re: Removing ShKit Root Kit Jason (Dec 23)