2008/4/11 Sam Varshavchik <mrsam@xxxxxxxxxxxxxxx>:
> subhodip biswas writes:
>
> > Hi!
> >
> > One more thing: I monitored my bandwidth activity for more than two hours
> > for my Windows box and found upload is quite stable in the ratio of
> > 1:23 (upload:download) approx.
> > But my Linux machine is having a ratio of 1:7.
> >
>
> You can screw around with your compromised machine as long as you want, and
> all you will end up doing is wasting your time.
>
> Since you acknowledge that you managed to get your Windows install
> trojaned, by the virtue of that it also increases the likely chance that you
> had your Linux install rootkitted as well. That's very much possible.
>
> The only option you have is to reformat your hard drive completely, and
> reinstall both Windows and Linux. There is no magic wand you can wave
> that will miraculously fix all of your issues. It's clear, based on what
> you've posted, that you do not have the necessary knowhow to conduct a full
> forensic analysis on your compromised machine. That, of course, is not
> entirely your fault, but you just have to come to grips that you have lost
> control of your machine, and that in order to regain it, you must wipe
> everything and reinstall from scratch.
>

That's the suggestion I already got from my ISP help center. If reinstalling is the only way to survive, then how good is Linux from Windows?

Anyway, thanks a lot for hearing my problem. I ran ClamAV on my mounted Windows partitions and found two more trojans, so I cleaned it all. Regarding my Linux box, I am now getting an almost stable connection; the upload:download ratio has improved to 1:16 approx. I didn't find anything specific.

BTW, can you provide some links from where I can get some know-how regarding forensic analysis, so that I can at least do the necessary tests when the machine is attacked again in future?

--
Regards
Subhodip Biswas
GPG key : FAEA34AB
Server : pgp.mit.edu
http://subhodipbiswas.wordpress.com
http://www.fedoraproject.org/wiki/SubhodipBiswas