Date: Sun, 21 Apr 2002 18:10:17 +0200 From: Alson van der Meulen <freebsd@alm.xs4all.nl> To: "Christopher J. Umina" <FJU@Fritzilldo.com> Cc: questions@freebsd.org Subject: Re: no /bin/login?!?! Message-ID: <20020421161017.GB7999@alm.xs4all.nl> In-Reply-To: <005001c1e94d$a2fd56f0$0301a8c0@fritz> References: <001201c1e94a$2b550b50$0301a8c0@fritz> <20020421174337.B82499@mars.thuis> <004001c1e94c$20984180$0301a8c0@fritz> <20020421155617.GA7999@alm.xs4all.nl> <005001c1e94d$a2fd56f0$0301a8c0@fritz>
next in thread | previous in thread | raw e-mail | index | archive | help
Christopher J. Umina(FJU@Fritzilldo.com)@2002.04.21 12:00:17 +0000: > Thanks, I think I'm going to do that, but how can I backup my stuff? I need > some sort of shell to do that... > I just don't know how to do it. You might be able to ssh in (ssh username@hostname). Keep in mind that binaries like ps, ls and netstat could be trojaned to hide the files of the intruder. You really need to get physical access to that box, since complete reinstall (wiping out all existing filesystems) isn't something you can do remotely easily. If you have physical access, you could boot using the boot and fixit floppies, and mount some kind of backup medium. The safest way I think is to backup to some local NFS server. I would try to get this box disconnected from the internet ASAP. As soon it is disconnected, it can not be abused for DDoS attacks or like. For backup purposes you could connect it to an other box using a crosslink cable or local hub/switch. Alson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020421161017.GB7999>