[olug] Security breach?
Dan Anderson
dan-anderson at cox.net
Thu Jun 7 04:10:51 UTC 2012
Nice FUD, Irish...

There's no legitimate reason to DBAN (or SecureErase or wipe, etc) a
hard disk after a hack/virus/root kit unless you've been attacked by
some sort of enhanced version of the "good times" virus
(http://www.cs.rutgers.edu/~watrous/goodtimes-spoof.html) that
re-infects you from a nearby refrigerator by reassembling the
disconnected blocks. :)

Clear your partitions, re-write your boot sector and reinstall from
known clean media.

Although, I tend to agree with Aric. This probably isn't actually
related to you or your system. I get these sorts of SPAM messages
every couple of years when my friends (coincidentally - the people in
my address book) catch a Windows virus that spams everyone in their
Outlook contact list.

And like Christopher says, there are some good file
hashing/fingerprinting apps available, but they are better used
preemptively.

Dan

On Tue, Jun 5, 2012 at 11:43 PM, irish.masms <irish.masms at gmail.com> wrote:
> Having participated in and managed multiple Incident Response situations
> (aka Security breach cleanup); the only way you will be sure it is clean is
> wipe the drive (using DBAN) and reinstall.
>
> Will you sleep comfortably at night, trusting your system was cleaned? Or
> would you like to be SURE you are clean?