[Security] Steps on restoring a cracked system

July 19, 2006

in Security

Today I stumbled over a nice article linked to from OSNews. It outlines the basic steps one has to do when confronted with a system compromise.
From the article:
Donât panic. Keep your calm and develop a plan of actions

Disconnect the system from the network

Discover the method used to compromise the system

Stop all the attacker scripts and remove his files

Restore not affected services

Fix the problem that caused the compromise

Restore the affected services

Monitor the system

EOF

Tags: security