Firewall Wizards mailing list archives
AW: OK, I've been hacked, now what?
From: Peter.Kunz () sega ch
Date: Fri, 14 May 1999 12:28:07 +0200
-----Ursprüngliche Nachricht----- Von: dbell [SMTP:dbell () bway net] Gesendet am: Dienstag, 11. Mai 1999 19:57 An: firewall-wizards () nfr net Betreff: RE: OK, I've been hacked, now what? On Tue, 11 May 1999 kevin.sheldrake () baedsl co uk wrote:These two activities are expensive. It is naive to assume that because the hacker knows that (s)he is not malicious that the victim will also. It would be careless of the victim to ever assume that a hacker is not malicious.I don't believe that there is an obvious distinction between "malicious" cracking and "harmless" cracking. If someone has compromised your system and altered files, you are really not in any position to assume anything about that person's intentions (or competence; they may have caused damage accidentally).
[Kunz, Peter] That's probably a major issue: evenif it's just a script kiddie that just foudn a hole, not knowing the system, s/he could wreak havoc without intention or even knowing it.
Even if the intention was only to deface a web page, you probably don't know whether or not the first thing the cracker did was to install a back door. Detecting such modifications (assuming you have cryptographic checksums of your original binaries available...) or reinstalling your system is likely to require a lot of time/money.
[Kunz, Peter] Not if you've set up your logging/detection properly :-)
Heuer's Law: Any feature is a bug unless it can be turned off. [Kunz, Peter] :-)) cu -pete
Current thread:
- AW: OK, I've been hacked, now what? Peter . Kunz (May 16)