| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri Aug 19 20:28:45 2005 From: chromazine at sbcglobal.net (Steve Kudlak) Subject: Disney Down? Micheal Espinola Jr wrote: >Absolutely. Once a system has been exploited in such a manner, it is >completely untrustable. It should most definitely be wiped. > >The IT ppl in SDC (and many other places) need to all be lined up and >smacked Three Stooges style. > >On 8/19/05, Donald J. Ankney <dankney@...setfilms.com> wrote: > > >>Any IT department that simply removes a worm and shoves a box back >>into production has serious issues. >> >>After a machine has been compromised, it should be wiped and rebuilt. >> >> > > > As a practical matter how many boxes are we talking about. I mean I have removed worms and viruses (note I don't use the l;ural virii because it is too close to the proper Latin Plural of "men";) and put boxes back into use. But not in places that are critical. Does one rebuiild everytime something goes wrong? Seems extreme to me. I dunno if this is the place to discuss issues like this. Now of course with worm designers getting more sophisticated it might be that more extereme measures should be taken earlier in the descision chain. Now if people implement a really adequate backup system, like everything over the last hour is safely backed up it might be possible to do that. Anyway it is an interesting case, easy to say now that I am disabled and watching from the sidelines. Have Fun, Sends Steve -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050819/0c85ab81/attachment.html
Powered by blists - more mailing lists