[GLLUG] meeting idea?

Caleb Cushing xenoterracide at gmail.com
Tue Aug 22 19:57:25 EDT 2006


also if possible putting the hardrive in another computer is a good Idea. 1
reason most of these infections problems are loaded at boot. booting from
another hard drive and then mounting the drive and running scans on it is a
good Idea. this can usually be used to safely transport unninfected data. or
even repair the system without moving data.

On 8/22/06, Thomas Hruska <thruska at cubiclesoft.com> wrote:
>
> Jim Fick wrote:
> > Would it be better to just disconnect the LAN/Internet connection and
> > leave the system running?  That way you don't lose what might be in
> > memory.
> >
> > James A. Fick, Jr
>
> It really depends on how good you are at recovery scenarios.  However, a
> lot of people don't have a plan or can't formulate one and start
> executing it in five minutes.  Some backdoor might also be programmed to
> start overwriting random files if it can't connect to a remote host for
> some set amount of time...causing damage to files and data if you don't
> start doing things right away.  Most systems have critical data that has
> to be gotten off the drive and people have this preference that their
> data remain intact.  If the computer is off, no program can be running
> that could destroy data.  Weigh your risks between losing data and
> discovering every last detail of the malware.  Once you have a detailed
> plan laid out (on paper) for the compromised computer, it becomes a lot
> easier to get up and running again.
>
> Turning off the computer is also a good step to warding off panic.  The
> initial response to being hacked is to panic.  That's the worst mental
> state any computer administrator can have and will result in data loss.
>   With the computer off, you can take your time, calm down, and start
> thinking logically about the recovery process.
>
> --
> Thomas Hruska
> CubicleSoft President
> Ph: 517-803-4197
>
> Safe C++ Design Principles (First Edition)
> Learn how to write memory leak-free, secure,
> portable, and user-friendly software.
>
> Learn more and view a sample chapter:
> http://www.CubicleSoft.com/SafeCPPDesign/
>
> _______________________________________________
> linux-user mailing list
> linux-user at egr.msu.edu
> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.egr.msu.edu/mailman/public/linux-user/attachments/20060822/6d2e2169/attachment.html


More information about the linux-user mailing list