My zeroth law of compromised machines

February 22, 2007

If you can't find anything wrong, you haven't looked carefully enough.

The immediate corollary is also important:

If you can't find anything, the intruders are still there.

The leading cause for not finding anything wrong on a machine you know is compromised is that you haven't detected the rootkit that is hiding things from you.


Comments on this page:

By cks at 2007-02-22 20:27:28:

An alternate and probably better phrasing:

If you can't find anything, you're missing something.

Written on 22 February 2007.
« A note about the ordering of mixin classes
A simplified summary of Python's method resolution order »

Page tools: View Source, View Normal, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Thu Feb 22 15:22:25 2007
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.