My zeroth law of compromised machines
February 22, 2007
If you can't find anything wrong, you haven't looked carefully enough.
The immediate corollary is also important:
If you can't find anything, the intruders are still there.
The leading cause for not finding anything wrong on a machine you know is compromised is that you haven't detected the rootkit that is hiding things from you.
(One comment.)
Written on 22 February 2007.
|
|