Re: Urgent!!! My computer seems to be hacked, pls HELP!!!



On Fri, 15 Sep 2006 02:13:50 GMT, Randy Yates <yates@xxxxxxxx> wrote:

Grant <bugsplatter@xxxxxxxxx> writes:

On Thu, 14 Sep 2006 23:20:22 GMT, Randy Yates <yates@xxxxxxxx> wrote:
....
tar cvzf .../backup-config.tar.gz /etc /boot/config-*

Ha! And you think that's all there is to it? What about
all the libraries and sym links strung all over heck?

Wipe OS partition (6Ps)

6Ps?
Prior Planning Prevents Piss Poor Performance ;)

re-install OS, unpack backup-config to /tmp
and cherry pick custom .conf files

Oh yeah - that's going to be a picnic. I just
did a count in my /etc and I have 405 configuration
files.

The most recent dozen or so matter, the rest don't. I don't run an MTA
here, but got samba, nfs, sshd, etc.

And I think you're being optimistic.

Well I took a config backup and updated to slack-current 'live', prepared
to reinstall if it fell over, it didn't fall over, renamed some .new configs
to replace old ones, checked and kept custom configs, rebooted to get all
new files into memory: pppoe, web, ftp, sshd servers all fine.

Offline time 1 or 2 minutes. Box is Internet facing router / server.

If you have separate
/home and /usr/local partitions, replacing the OS is a snap...

Although I couldn't name a specific one, I bet there are more than a
few local apps that install themselves in /usr/bin and whatever other
non-standard locations, and they don't ask the installers permission
for it.

That should be under admin control -- I expect non-distro apps to go
into /usr/local area, I don't know why so much extras are shoved into
the OS 'space'.

Again, a logbook (or text file) of changes made helps a lot.

I've been wondering lately if there's some God-send utility that would
track installs for the purpose of alleviating the pain of such
reinstalls.

There is one called 'checkinstall', dunno if it is generic, never used
it. Takes place of the 'make install' step and records all the damage
and insults to the OS for later unwind?

Grant.
--
http://bugsplatter.mine.nu/
.



Relevant Pages

  • RE: Deployment Architecture/Attach SQL MDF
    ... manage SQL Server instance in code. ... Backup and Restore with User Instances ... you can use such code in your custom action program or class. ... Install SQL Server 2005 from the Command Prompt ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Companyweb unable to access
    ... An application error occurred on the server. ... "web.config" configuration file located in the root directory of the ... install right out of the box on a virgin HDD, ...
    (microsoft.public.windows.server.sbs)
  • Re: Had to reinstall OS
    ... Don't worry about it 'til you install a printer. ... On the Computer Name tab, ... > I do have all those tabs but under Paper Size there is only Custom listed. ... > I have looked as you suggested and is does say I am Computer Administrator ...
    (microsoft.public.windowsxp.newusers)
  • Re: Companyweb unable to access
    ... It will point out all these inconsistencies and then re-run the install to pick up the things you missed. ... An application error occurred on the server. ... "web.config" configuration file located in the root directory of the current ... The current error page you are seeing can be replaced by a custom ...
    (microsoft.public.windows.server.sbs)
  • Re: How to give access to ADUC tool without displaying AdminPack tools?
    ... Sounds like what you need is a custom web page not ad tools. ... to install it the minimum AD tools, but even that isn't limited enough ... "Note Active Directory Tools include the following three snap-ins: ... command, then remove the entrys for those tools from the Start Menu ...
    (microsoft.public.windows.server.active_directory)