Re: No Security is Bad Security:

mouseRODENTS.MONTREAL.QC.CA

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Paul Leach: "Re: Microsoft Access 97 Stores Database Password as Plaintext"
• Previous message: Marc: "Multiple SLMail Vulnerabilities"
• Maybe in reply to: John \: "No Security is Bad Security:"
• Next in thread: Scott: "Re: No Security is Bad Security:"

>> 1) Don't log in as root on a machine that most likely has been
>> compromised. Bsd things can happen.
> You have to login as root to shutdown the system.  You don't want to
> 'just turn it off' since you can loose [sic] data.

How?  What does just turning it off potentially lose me?  At most, I
think, it risks a little filesystem damage.  Unfortunately shutting
down risks more, especially since if there are files open but unlinked,
I want to know what's in them!  If I take the disk offline - or,
equivalently, just power the system off - then I can use fsck -n or
iorphan to find such files and dumpi to look at them.  If I shut down
"cleanly", they will get destroyed.

Preferable to either, from an information preservation perspective, is
to forcibly crash the system, so as to get a kernel coredump.  This may
or may not be worth the effort, depending on such things as whether
anyone is available with the skill, time, and inclination to grovel
through it looking for evidence.

					der Mouse

			       mouserodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

• Next message: Paul Leach: "Re: Microsoft Access 97 Stores Database Password as Plaintext"
• Previous message: Marc: "Multiple SLMail Vulnerabilities"
• Maybe in reply to: John \: "No Security is Bad Security:"
• Next in thread: Scott: "Re: No Security is Bad Security:"