lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040213160943.GX18584@hyper>
From: gadgeteer at elegantinnovations.org (gadgeteer@...gantinnovations.org)
Subject: Re: Removing FIred admins

On Fri, Feb 13, 2004 at 09:02:28AM +0100, Volker Tanger (volker.tanger@...ewe.de) wrote:
> If you have to assume being compromised, re-install and re-configure all
> your systems starting from scratch and clean media (boot from CD,
> partition harddisc, format HD, install base system, ...) - 

I would amend that a person in such a position start with system(s) easily 
isolated.  Then with an established secure core grow it across the install 
base.  The initial core's function is monitoring and security based.  Then 
when one can reasonably ensure integrity going forward bring the gateway 
systems into the intranet into this core.  At this point control should be 
re-established over the environment and rebuilding those critical business 
systems makes sense.

Another message in this thread pointed out that this is more of a social 
issue then a technical one.  I essentially agree with this position.  
Exposition of social strategy is off-topic for this mailing list.
-- 
Chief Gadgeteer
Elegant Innovations


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ