On Sunday 11 December 2005 01:16, Scot L. Harris wrote: >On Sun, 2005-12-11 at 00:59, Kam Leo wrote: >> Isn't rebuilding a little extreme? If the cracker got into an >> unpriviledged user's account and no further isn't that particular >> user account the only thing at risk? Shouldn't changing all >> passwords to strong ones and deleting the infected user account and >> files be sufficient? > >How can you be sure they did not crack the root account and bury code > on the system to maintain control? Or crack other user accounts? > >If you take half measures and the system is compromised again you may >not know how or when it happened. And if the cracker gets pissed > that you deleted his spam software he might use your system for > other purposes or cause other damage before you can get it cleaned > out. > >Hopefully his son learned from this why strong passwords are needed. Yeah, when I heard what his sons pw was, it blew me away. Beyond dumb even. I had given Jim a set of FC4.2 cd's a couple of weeks ago, so this really does sound like a good excuse to blow FC3 away and install FC4.2 from scratch. Its a dual boot box cause linux support for audio studio editing still sucks & he is also a musician/author. The windows apps for that Just Work(TM). -- Cheers, Gene People having trouble with vz bouncing email to me should use this address: <gene.heskett@xxxxxxxxxxxxxxxxx> which bypasses vz's stupid bounce rules. I do use spamassassin too. :-) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
