My zeroth law of compromised machines
February 22, 2007
If you can't find anything wrong, you haven't looked carefully enough.
The immediate corollary is also important:
If you can't find anything, the intruders are still there.
The leading cause for not finding anything wrong on a machine you know is compromised is that you haven't detected the rootkit that is hiding things from you.
Comments on this page:
By cks at 2007-02-22 20:27:28:
|
|