Security Incidents mailing list archives
Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition
From: "Jamie Riden" <jamie.riden () gmail com>
Date: Thu, 31 Jan 2008 16:54:56 +0000
No, that's the only option at all. You can investigate as much as you like, it's not a good idea to bring the box back online without a complete re-install. cheers, Jamie On 31/01/2008, Eduardo Tongson <propolice () gmail com> wrote:
Yes I agree that this is the only option when you do not have the resources or skills to investigate thoroughly. Ed <http://blog.eonsec.com> On Jan 31, 2008 2:15 AM, Jason Stelzer <jason.stelzer () gmail com> wrote:All bets are off because there is no way to conclusively prove that a compromise stopped at a certain point. Best practice dictates that you reimage the box[1]. The issue really is that nobody has complete knowledge of everything. Any number of as yet unreported exploits could have been used to elevate privileges for example. I'll go out on a limb and claim that various blackhat communities know of exploits that vendors and admins are as yet unaware of.
-- Jamie Riden / jamesr () europe com / jamie () honeynet org uk UK Honeynet Project: http://www.ukhoneynet.org/
Current thread:
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition, (continued)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Gary Baribault (Jan 28)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Graeme Fowler (Jan 28)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Eduardo Tongson (Jan 28)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Graeme Fowler (Jan 29)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Paul Schmehl (Jan 29)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Valdis . Kletnieks (Jan 29)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Eduardo Tongson (Jan 30)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Graeme Fowler (Jan 30)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Jason Stelzer (Jan 30)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Eduardo Tongson (Jan 31)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Jamie Riden (Jan 31)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Eduardo Tongson (Jan 31)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Eduardo Tongson (Jan 28)
- Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition Jon R. Kibler (Jan 28)