[lug] R00tKIT!! Raah!
Zan Lynx
zlynx at acm.org
Tue Jun 14 20:49:43 MDT 2005
You can be safe from that if you boot from a live-CD or rescue CD.
You'd want to use a clean source for your checksum data too.
On Tue, 2005-06-14 at 20:42 -0600, Bear Giles wrote:
> David Anselmi wrote:
> > I wouldn't trust cleaning the system unless I had a way to verify all
> > the files on it. Most of those came from packages, so if you can
> > compare checksums between your files and those from the official
> > packages (using only programs you've already verified) you might be good.
>
> I wouldn't trust checksums since an undetected rootkit may still
> change the results. But I don't think it's hard to reinstall
> packages. E.g., in Debian it's
--
Zan Lynx <zlynx at acm.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20050614/e7da9e42/attachment.pgp>
More information about the LUG
mailing list