Re: 90% of Linux Systems Have Never Been Infected ...

From: Matthew Schumacher <schu@schu.net>
Date: Wed Jul 28 2004 - 14:11:27 AKDT

Royce Williams wrote:
>
> I should have been more explicit. My point is that anyone who says
> "I've never been hacked", regardless of operating system, cannot
> actually know that. Only clumsy cracking is easily detected; there are
> some pretty sophisticated rootkits that capture what is presumably only
> a fraction of someone's expert knowledge. Much of that knowledge is
> about how to keep the compromise undetected for a non-trivial amount
> of time.

While I agree with this, there is a way that you can be pretty darn sure
you have not been compromised. If you install tripwire, learn to use it
correctly, then meticulously audit every change on the system, you can
say with reasonable certainty that the system has not had any
unauthorized changes. It's a huge pain, but it does work.

schu
Received on Wed Jul 28 14:11:14 2004
