| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: dufresne at winternet.com (Ron DuFresne) Subject: Removing ShKit Root Kit Hell, if the concern about valid data is nothing, why even restore the OS and all, just allow the hacker unmitigated access from now till they tire, or sell your system access to a pal... > > It always will depend on the situation. Is throwing away a few million > transactions acceptible, when it might take a couple of hours or less to > compare the Oracle user list against a known good list? Should you > scrutinize each of those millions of transactions that occured between > compromise and detection to make sure each and every one of them are > legit? If doing so costs more than it is worth (define as you wish), it > won't happen, and shouldn't. > Not going over the most recent transactions could well cost one, depending of course on the data stored within. Say it's a DB of all the purchases for your new $100 killer app, and at a few million adulterated transactions, dropping the going price from $100 to say $0.01, what have you got now, time to file those bankruptcy papers? Good thing you saved yourself a few hours! Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Powered by blists - more mailing lists