Re: possible hack thoughts please
From: Jem Berkes (jb_at_users.pc9.org)
Date: 06/19/05
- Previous message: Newsbox: "Re: 72.14.207.104"
- In reply to: epicwinter_at_hotmail.com: "possible hack thoughts please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 19 Jun 2005 17:20:54 GMT
> The computer i ssh into was mysteriously rebooted
> today and as far as I know there was no power outage and now major
> errors in the logs.
Those ssh scans are very common these days (I receive them daily). If the
only unusual thing beside that is a reboot, there may be other common
causes such as a glitch in your hardware - memory, motherboard or even a
kernel/driver bug.
If you want to make a relatively secure system that is easy to recover...
one way to do this is build a fresh install with up to date software and
burn a bootable CD. You'll still need a hard drive to mount /home and /var
Then set your computer to boot only from the CD-ROM drive. Now your root
file system, all programs, etc are guaranteed read-only. In case of problem
just punch the reset button and your system comes back up guaranteed clean.
This makes it difficult to install new software obviously and it does not
prevent intrusions on its own, but it lets you instantly revert back to
clean. Also access off the CD will mean slower loading of many things.
-- Jem Berkes Software design for Windows and Linux/Unix-like systems http://www.sysdesign.ca/
- Previous message: Newsbox: "Re: 72.14.207.104"
- In reply to: epicwinter_at_hotmail.com: "possible hack thoughts please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
