Re: some attack to fedora machine .

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2008/4/11 Sam Varshavchik <mrsam@xxxxxxxxxxxxxxx>:
> subhodip biswas writes:
>
>
> > Hi !
> >
> >
> > one more thing , I monitored my bandwidth activity for than two hours
> > for my windows box and found upload is quit stable in tha ratio of
> > 1:23  (upload:download) approx.
> > But my linux machine is having a ratio of 1:7
> >
>
>  You can screw around with your compromised machine as long as you want, and
> all you will end up doing is wasting your time.
>
>  Since you acknowledge that you managed to get your Windows install
> trojaned, by the virtue of that it also increases the likely chance that you
> had your Linux install rootkited as well. That's very much possible.
>
>  The only option you have is to reformat your hard drive completely, and
> reinstall both Windows and Linux. There is no magic wand you can wave to
> that will miraculously fix all of your issues. It's clear, based on what
> you've posted, that you do not have the necessary knowhow to conduct a full
> forensic analysis on your compromise machine. That, of course, is not
> entirely your fault, but you just have to come to grips that you have lost
> control of your machine, and that in order to regain it, you must wipe
> everything and reinstall from scratch.
>
>
Thats the suggestion I already got from my ISP  help center . If
reinstalling is the only way to survive then how good is linux from
windows .


Any ways a thanx a lot for hearing to my problem .I ran clamav on  my
mounted windoes partitions and found two more trojans .so cleaned it
all .

Regarding my linux box , I am now getting an almost stable connection
upload download ratio has improved to 1:16 approx. Didn't find
anything specific .

BTW can you provide some links from where i can get some know how
regarding forensic analysis so that i can at least do the necessary
test when machine is attacked again in future .



-- 
Regards
Subhodip Biswas

GPG key : FAEA34AB
Server : pgp.mit.edu
http://subhodipbiswas.wordpress.com
http:/www.fedoraproject.org/wiki/SubhodipBiswas


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux