lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: gadgeteer at elegantinnovations.org (gadgeteer@...gantinnovations.org) Subject: Re: Removing FIred admins On Fri, Feb 13, 2004 at 09:02:28AM +0100, Volker Tanger (volker.tanger@...ewe.de) wrote: > If you have to assume being compromised, re-install and re-configure all > your systems starting from scratch and clean media (boot from CD, > partition harddisc, format HD, install base system, ...) - I would amend that a person in such a position start with system(s) easily isolated. Then with an established secure core grow it across the install base. The initial core's function is monitoring and security based. Then when one can reasonably ensure integrity going forward bring the gateway systems into the intranet into this core. At this point control should be re-established over the environment and rebuilding those critical business systems makes sense. Another message in this thread pointed out that this is more of a social issue then a technical one. I essentially agree with this position. Exposition of social strategy is off-topic for this mailing list. -- Chief Gadgeteer Elegant Innovations
Powered by blists - more mailing lists