Date: Tue, 6 Nov 2001 19:23:02 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Kelvin Ng Chee Hoong <nchee_hoong@pacific.net.sg> Cc: Kris Kennaway <kris@obsecurity.org>, freebsd-questions@FreeBSD.ORG Subject: Re: Infected by virus Message-ID: <20011106192302.A35555@xor.obsecurity.org> In-Reply-To: <5.1.0.14.0.20011107111835.00a4a6e0@po.pacific.net.sg>; from nchee_hoong@pacific.net.sg on Wed, Nov 07, 2001 at 11:22:09AM %2B0800 References: <5.1.0.14.0.20011107092016.00a46320@po.pacific.net.sg> <5.1.0.14.0.20011107092016.00a46320@po.pacific.net.sg> <20011106190912.A35365@xor.obsecurity.org> <5.1.0.14.0.20011107111835.00a4a6e0@po.pacific.net.sg>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Wed, Nov 07, 2001 at 11:22:09AM +0800, Kelvin Ng Chee Hoong wrote: > Well ; > This sound bad news to me . :-( > I have installed a lot of application software the system . It consumed me > a lot of time to get these services up. > I am going to cry if you ask me to wipe the disk and re-install . > > :-( If you're very careful to only restore data (not binaries) which you have verified to be unaffected, you can safely do so, but there could be backdoors hidden in any of the binaries on the system, or in configuraton files, etc. Of course, what you do with your system is up to you, but if you don't clean your system thoroughly then you might have ongoing problems if your attackers have left a way to get back in. Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE76KkWWry0BWjoQKURAkhAAJ9I90sQuFKvfcH/U1dwmA/Tox51RwCfcmGS 94rGjCb3IOUCQEFPoxbJuBs= =jaTH -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011106192302.A35555>