From owner-freebsd-security Sun Aug 19 17:21:50 2001 Delivered-To: freebsd-security@freebsd.org Received: from smtp10.atl.mindspring.net (smtp10.atl.mindspring.net [207.69.200.246]) by hub.freebsd.org (Postfix) with ESMTP id EE10F37B40F for ; Sun, 19 Aug 2001 17:21:42 -0700 (PDT) (envelope-from lists@alzaid.com) Received: from rami.alzaid.com (user-38ld88t.dsl.mindspring.com [209.86.161.29]) by smtp10.atl.mindspring.net (8.9.3/8.8.5) with ESMTP id UAA24385 for ; Sun, 19 Aug 2001 20:21:41 -0400 (EDT) Message-Id: <5.1.0.14.2.20010819201719.02396ff0@mail.alzaid.com> X-Sender: (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Sun, 19 Aug 2001 20:21:39 -0400 To: freebsd-security@FreeBSD.ORG From: Rami AlZaid Subject: Re: Rooted In-Reply-To: <20010818212540.W38221-100000@localhost> References: <3.0.32.20010819134033.0287f5cc@smtp.magix.com.sg> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 12:26 AM 8/19/2001, you wrote: >You may also be backdoored; if you weren't running something like tripwire >to catch changes in your system files, you may want to go ahead and >re-install FreeBSD entirely. May not be necessary, but it shouldn't hurt. Would deleting /usr/src, cvsuping all the source, making world and replacing all the files in /usr/local/etc and /etc remove the backdoors? or is it necessary to wipe the hard disk and install everything all over again? Thanks Rami AlZaid * ICQ # 1071118 WebPages: www.alzaid.com * www.wooyeah.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message