OT: Ebury SSH root kit - RAID swap question
Fairlight
fairlite at fairlite.com
Mon Mar 17 12:46:31 PDT 2014
My $0.02: If you don't -know-, then it will probably be faster and less
painful to just do a fresh install/config than dink around with any
possible quirkiness you may run into trying to shortcut the process.
You may not actually hit problems doing what you suggest. But without
knowing for sure, it seems silly to try and salvage it this way.
mark->
On Mon, Mar 17, 2014 at 03:15:29PM -0400, scooter6 at gmail.com thus spoke:
> So apparently my CentOS 5.10 / filePro 5.6.10D4 server has been infected
> with the Ebury SSH rookit trojan.....where everywhere I look since you
> should do a fresh OS install as the only known completely safe fix....
>
> My question is - I have two identical Dell Poweredge 2850's - same drives,
> same CPU's (2 Xeon 3.20GHz processors)
> I have the infected system set with two RAID 1's -- first for OS and 2nd
> for filepro and data
> Can I build a RAID 1 on the 'second' server, install the OS and swap JUST
> the OS drives with the infected system?
> (I know I'll have to add users, etc) but can I do this as 'simply' as it
> sounds?
> My concern would be the RAID being read on the 'new' server, even though
> it's built the same with the same idential drives, etc....
>
> Is this possible?
>
> thanks
>
> Scott
> PDM
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: http://mailman.celestial.com/pipermail/filepro-list/attachments/20140317/af9a0d54/attachment.html
> _______________________________________________
> Filepro-list mailing list
> Filepro-list at lists.celestial.com
> Subscribe/Unsubscribe/Subscription Changes
> http://mailman.celestial.com/mailman/listinfo/filepro-list
>
--
Audio panton, cogito singularis.
More information about the Filepro-list
mailing list