10 Apr
2005
10 Apr
'05
5:04 a.m.
Chris Mauritz wrote:
That is absolutely the way to handle a hacked machine. Unless you've got MD5 fingerprints of each file on the system (a la tripwire), there is no way of knowing where the naughty people may have stashed future surpises for the original poster.
And even then you need to have those fingerprints on RO media and verify them off-line (relative to the machine's normal state) such as from a bootable rescue CD.
--
Phil Brutsche
phil@brutsche.us